last executing test programs: 11.815841166s ago: executing program 1 (id=6355): syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x0, &(0x7f0000000a00)={[{@init_itable_val={'init_itable', 0x3d, 0x1}}, {@errors_remount}, {@resgid}, {@barrier}, {@quota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x400}}]}, 0x1, 0x783, &(0x7f0000001340)="$eJzs3M9rXOUaAOD3nGaa/si9kwt3ce+mCi20UDpJmk27Mm7ETaFQcFtDMgkhJ5mSmdQkFpq6E4TabFQE0b1Lt0Kpf4A7KSi4F0RrXKibkTOZTNt0Zjptk04bnwdO5vvOfN9533dm8uUcyJkA/rFezX8kEUMRcTEiis39aUQcbLQORaxvjdu8d20q35Ko1y/9kuTTYrNebB0raT4ejcaU+F9E3ClEnH7v0bjV1bX5ySwrLzX7I7WFKyPV1bUzcwuTs+XZ8uLY+PnRc+Pj50bHd63WE2+dP3zr2zc2Nr77qnbz2MCZJCYadUeztl0L9ICt16QQEzv2L+5FsD5Kehgz8BzyAACgu/w8/0Dz3KwQxTjQ7SzNCRwAAAC8lOqD9V792fNIAAAA4AWTRL8zAAAAAPbW9v8BbN/bu1f3wXby8+sRMdwu/kDjHuKIQ1GIiCObyUO3HyRb0+CZrN+IiNsTbT5/vdzR3N3o/ebh3Tkiu+12vv5MtFt/0tb6E23Wn4Ht7054Rp3Xv/vxD3RY/y72GOPrz/5f6Bj/RnXl/WPt4iet+EmH+G/3GP/mxge3Oj1X/yLiZNu/P8lDsbp8P8TIzFzW7lerle6dv07d7Vx/xJFH4idJI2rSvf4rPdb/7uZv8+td4p863v3934o/+NC8/DPxYTOPNCJuNR/z/saOGMcXvv/m0cjJ+nb86Q6vf/v3/81W/Z/3WP+PXw6u9DgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGtKIGIokLbXaaVoqRRyNiP/GkTSrVGunZyrLi9P5cxHDUUhn5rLyaEQUt/pJ3h9rtO/3z+7oj0fEf344vBV0LiuXpirZdL+LBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoOVoRAxFkpYiIo2I34tpWir1OysAAABg1w33OwEAAABgz7n+BwAAgP3vaa//k13OAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjXLl64kG/1zXvXpvL+9NXV5fnK1TPT5ep8aWF5qjRVWbpSmq1UZrNyaaqy8LjjpRExdj6WV0Zq5WptpLq6dnmhsrxYuzy3MDlbvlwuPJeqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFJDjS1JSxGRNtppWipF/CsihqOQzMxl5dGI+HdE3C0WBvP+WL+TBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNdVV9fmJ7OsvPRyN+r7q5yeG5FEvABpdGh80nxXuo1J1iP6nmraTPRZjhPxJLOuP+Zl6XfjlT6tRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Fd1dW1+MsvKS9V+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB/pT8lEZFvJ4snhnY+ezD5o9h4jIh3Pr300cpkrbY0lu//tbW/9nFz/9kHJl5/njUAAADAvvfakwzevk7fvo4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoVXV1bX4yy8pLe9iIG/2uEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBp/BwAA//9Js7nR") r0 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff) r3 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendmsg$ETHTOOL_MSG_LINKMODES_GET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000180)={0x34, r2, 0x1, 0x0, 0x0, {0x1c}, [@HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0\x00'}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x20040005}, 0x40) write$P9_RREADLINK(r0, &(0x7f0000000000)={0xffffffffffffff23, 0x17, 0x2, {0x7, './file0'}}, 0xfffffdab) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x11, 0x0, 0x4c840}, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000340)='./file1\x00', 0x210000, &(0x7f0000002f40)={[{@nodelalloc}, {@dioread_lock}, {@barrier_val={'barrier', 0x3d, 0x4}}, {@nolazytime}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@errors_remount}, {@stripe={'stripe', 0x3d, 0x5}}, {@bh}, {@init_itable}]}, 0xfc, 0x56f, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hzcpouowmHWsduD24F19kCCIOxD/Adx+H/4B/xUAHQ0bRBxEiN73psjZp2i4z2fL5wG3Pyb23535z7vf2nNyEBDC0jqU/chEvR8Q3ScShlnX5yFYeW9tu9eH1mXRJol7/9M8kkuyx5vZJ9vtAVnkpIn79KuJkbnO71eWV+WK5XFrM6hO1hSsT1eWVU5cWinOludLlqenpM29NT737zts9i/X1839//8ndD898fXz1u5/vH76dxNk4mK1rjeMJ3GitHCv+m5VG4+yGDSd70NggSfp9AOzKSJbno5FeAw7FSJb1wPPvy4ioA0Mqkf8wpJrjgObcvkfz4GfGgw/WJkCN2Mda48+vvTYSextzo/2ryWMzo3S+O96D9tM2fvnjzu10ia1fh9jXpQ6wIzduRsTpfH7z9T/Jrn+7d7rx4vHWNrYxbP9/oJ/upuOfN9qN/3Lr459oM/450CZ3d6N7/ufu96CZjtLx33ttx7/rl67xkaz2QmPMN5pcvFQunY6IFyPiRNS73vo4s3qv3mld6/gvXdL2m2PB7Dju5/c8vs9ssVaMiLFdhvyYBzcjXsm3iz9Z7/+kTf+nz8f5bbZxtHTn1U7rusf/dNV/initbf8/6tZk6/uTE43zYaJ5Vmz2162jv3Vqv9/xp/2/f+v4x5PW+7XVnbfx495/Sp3W7fb8H0s+a5SbSXCtWKstTkaMJR9vfnzq0b7NenP7NP4Tx7e+/rU7/9PJ1+fbjP/WkVsdNx2E/p/dUf/vvHDvoy9+6NT+9vr/zUbpRPZIdv1rLztXtnuAT/r8AQAAAAAAwCDJRcTBSHKF9XIuVyisvb/jSOzPlSvV2smLlaXLs9H4rOx4jOaad7oPtbwfYjJ7P2yzPrWhPh0RhyPi25F9jXphplKe7XfwAAAAAAAAAAAAAAAAAAAAMCAOdPj8f+r3kX4fHfDUNb7YYE+/jwLoh65f+d+Lb3oCBlLX/AeeW/Ifhpf8h+El/2F4yX8YXvIfhpf8h+El/wEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp87ly711YfXZ9L67NXlpfnK1VOzpep8YWFppjBTWbxSmKtU5sqlwkxlodvfK1cqVyanYunaRK1UrU1Ul1cuLFSWLtcuXFoozpUulEb/l6gAAAAAAAAAAAAAAAAAAADg2VJdXpkvlsulRYWOhfdjIA7jaQa4Zle75wclCoUOhZtZ9+5srz5elAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/8CAAD//4yLMZo=") openat(0xffffffffffffff9c, 0x0, 0x4042, 0xf8) removexattr(&(0x7f0000000200)='./file1\x00', &(0x7f0000000240)=@known='system.posix_acl_access\x00') 8.805454525s ago: executing program 4 (id=6363): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x6) add_key(&(0x7f0000000000)='dns_resolver\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000100)='[', 0xfeed, 0xffffffffffffffff) r3 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r3, 0xc01864c6, &(0x7f0000000200)={&(0x7f0000000180)=[0x0], 0x1, 0x800}) 7.944340228s ago: executing program 4 (id=6365): r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0) ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, 0x0) socket$packet(0x11, 0x3, 0x300) mq_open(&(0x7f0000000040)='!seli\x1a\x1d!\xa7\x00\x00inux\x00G\xd0\xc6(X', 0x6e93ebbbcc0884f2, 0x0, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) r1 = socket$vsock_stream(0x28, 0x1, 0x0) bind$vsock_stream(r1, &(0x7f0000000440), 0x10) socket$vsock_stream(0x28, 0x1, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x1ff, 0x7d, 0x1000000, 0x8000, 0x4, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x6, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0) ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f00000000c0)={'pcl812\x00', [0x8001, 0x6, 0x1, 0x0, 0x2, 0xcc7, 0x8, 0x7, 0x654, 0x100, 0x2, 0x1, 0x6, 0x4, 0x6, 0xffffffff, 0x1, 0x1a449, 0x6, 0x40000003, 0x89, 0x3, 0xf23, 0x6, 0xb, 0x8, 0x3, 0x8, 0x4, 0x10000, 0xfffffff8]}) 7.933266508s ago: executing program 0 (id=6366): openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r1 = socket$inet(0x2b, 0x801, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x14}}, 0x10) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7ffffcb9}]}) openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) epoll_create1(0x0) pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x1ff, 0x7d, 0x0, 0x8000, 0x4, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x1, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0) 7.852497573s ago: executing program 4 (id=6368): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0) write$binfmt_aout(r0, &(0x7f0000000200)={{0x10b, 0x96, 0x4, 0x37f, 0x35a, 0x100, 0x367, 0xd}}, 0x20) write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r1, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) setsockopt$inet6_int(r1, 0x29, 0x3, &(0x7f0000004240)=0x40000006, 0x4) setsockopt$inet6_IPV6_HOPOPTS(r1, 0x29, 0x36, &(0x7f0000000280)=ANY=[], 0x8) recvmmsg(r1, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0) setsockopt$inet6_int(r1, 0x29, 0x8, &(0x7f0000000000)=0x7f, 0x4) sendto$inet6(r1, 0x0, 0x0, 0x20000001, &(0x7f0000000300)={0xa, 0x4e20, 0x5, @mcast1}, 0x1c) ioctl$TCFLSH(0xffffffffffffffff, 0x400455c8, 0x2) 7.825025794s ago: executing program 0 (id=6369): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xfffff000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x2) ioctl$sock_rose_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0) r3 = fsopen(&(0x7f0000000000)='cifs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000040)='source', &(0x7f0000005fc0)='//\xf2/\x06\b/\xdf/o\xdc\xea\x95\x9a\x82\x10\x97W\x8f7\x98\x9b\\/\\\xf9\rmD\x94)U\xdb\x15X.I\n}\xf3\x9d\xe4_\x05\x9cqf4I^#b?9\xde\xafu\'\x83L\xe0\x97\xe1n_\xa4%\xb1\x97\x93\xafv\xce/\\\xb4L\xf2_\xa7\xfb\xf4\x84\x1fA\xeas^\xef\xa2\x85\xa3!\xfb\x93\xd7R\xab2\x1eW\xe9h\x9b\xf7ul\xf9D\xd4\x82X5\x13\xaa\x87\xf9\xba\xa9m\x14\x14R_\x9a\\>4\xce\x8e_#\xf8D\xb1\xdep\x01\xcc:\xa6\xc5n\xeb\xab\xf70\x99\xef\x8b0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000200)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000100)={0x20000014}) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r1, &(0x7f0000000000)={0xa0000001}) epoll_pwait(r4, &(0x7f0000000400)=[{}], 0x1, 0x80, 0x0, 0x0) 7.622728314s ago: executing program 3 (id=6371): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)) socket$can_j1939(0x1d, 0x2, 0x7) pipe2(&(0x7f0000000200)={0x0, 0x0}, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)) socket$alg(0x26, 0x5, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000003c0)) r0 = syz_io_uring_setup(0x462, &(0x7f0000000280)={0x0, 0x40000020, 0x10, 0x2, 0x34f}, &(0x7f00000000c0)=0x0, &(0x7f0000000000)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_TEE={0x21, 0x3d, 0x0, @fd, 0x0, 0x0, 0xffff, 0x0, 0x1}) io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0) 7.49279004s ago: executing program 4 (id=6372): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r1 = gettid() timer_create(0x0, &(0x7f00000001c0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) write$binfmt_script(0xffffffffffffffff, &(0x7f0000000080)={'#! ', './file1'}, 0xb) syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x10400, 0x0, 0xfb, 0x0, &(0x7f0000000000)) mount(&(0x7f0000000080), &(0x7f0000000000)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000040)='trans=rdma,\xfc\xb5%o\x85\x9b\xe1F\xe8*X\xe7\x84\xcc\xfd\xec\xcd\xbe\x9d3\x1a\x00\v_\xcf\xb7\xb5\xe1\xf9\x1eC') 6.252830131s ago: executing program 3 (id=6374): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) openat$rfkill(0xffffffffffffff9c, 0x0, 0x801, 0x0) r3 = socket$netlink(0x10, 0x3, 0x15) writev(r3, &(0x7f00000000c0)=[{&(0x7f0000000180)="39000000130003470fbb65e1c3e4ffff060060001600000056000000250000001900b3c0b6d20300070a0000000084db26b9e4e20000000000", 0x39}], 0x1) 6.184820265s ago: executing program 0 (id=6375): r0 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000280)={0xa, 0x2, 0x0, @empty}, 0x1c) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000500) bpf$BPF_BTF_GET_NEXT_ID(0x14, 0x0, 0x0) ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f0000001fc0)={0x0, 0x0, "72928cb65b9b0c7c8b7a9a91da58e1cee07870d85821559fc1bc106f335fbe2304975e5be103c4b09d47e6263fa3c25d9d9bf453032bc0beab80579acd3a6bad0e488de5f49da53af5dfa1eae375a6adad56964d049bbff7dd7eeb6c37e7ad45def58db3f06e825ad4c709d9f7ab166cae546206de66986209391c077e905a6039a29de36a9c6a31a413d15797320b0c84240d2908e651dd0841201a669dd76f4a58582e25cea32aa05d6b4d7bccb3bc62321f7dcb0df06d4a60283ffe0db9e3b8eb867acccdc424623bdaea3623337a04563fb5c742d1744234bb7ccf8934502f2da9b7ae97b7faf32a263b5ee0a5b5f24814c62de0fd561d1b43d05b8d9a7b", "64a5314d049e761d44aa48d0bd8db24927661e783dba79e5694fe19640c59e421c2a8949eacaedb44a81ddc823594c41b282ba5fcb9be9ec425107b7d3ebc48f7665f7143e4e14f66028258e92324bcf98aea7d31c9229ee24d84fdda14bf43be08e45c7b0b6c609d3dda3b4a29d93bcf4a3a6b3924cbdb4184d9bff20d8d78a65f07378d5cebfafefa9933f0e5cfa32e0fb53ff8ecf5af010c979d19b64c2b98898d9dd82d4d2c88e1271ac4b8ab0e78b8c49df1ead9fb30933bece1c846bad9ba76439964d22a73d443800901188c988f0eaad1a74e9a9770426049a841f185d810de68b5ae2c7b721b281930001de33675e394dfc117e730de979cee1840a1f8bd765f2c30f98c3410712fc1af08ab066beb70673caf115381eb52169c6b5a53df89d7c53caaf6b46d6bfe1da51a19672f44d64621a44637c9c3d852ec8d91a37ab3ddc0ff3b77b98c784069c33bd511eddc3971929b25a627e560124bf022a34ba235f962cbac97cba1ebd1abbcc9301e4e4886dc6363c329cc7b93afbee9df8685750d932e3f3bb10f99cbccd2a8d90b132235525597c2a14404d57e9e0277ea18ef46e7045d4866f267ff2fb10be2357d1bb01c03fff76c0b78b411864d8f90ea3b4e5b679aab44a2b7d70e7728b013fc742cf6a2a25ce9f993a32af6b34255a1b512d464041a9103289bf92492043d3ebeecc7bfc2d55f921ccec592f04010b89daaa675ffa40c1a5db010101d52d7b44af53eb4f97d0fbeacbe7a06a577e2ae31a424eb528386c98ba78a97b7ce70e6ce0b00e467ef47b27ee0f84084f2d29ef408f8956a34321522fcd428f06fb34015af853c312093342e827d49763836ce1610e366d5ca2323ce4b46ee66849acf8ddd87b9609aa13fae35b5cd8f71d4bcfaf762111b81afbc020057bae70575733f23ac57535fb72e3e5614b439085a5ef80384c8681a2b8a6739927828fce51bd201e5c951d23631171732edb9e04ea0888810a931da32b62541efd0c087fada0f0729acfc746b46b0455fb4d63ff791495027e5ad3b90daef6356590668725e9eaac1e570aba7bac974c791ae1fa2155bfc1950a0f9f0144ac7dd3e5bb4de129367a5e7193b90fdd2a47ae9ca93a661192d2fa2994d0d18bfc53b1295a412b455703ebc5b94e3d071dda9006fc8ace9ac7c378c66830760f28f0eeb770ad6777eb520efc638cbdf033b4d8621add6027c56a911604191b2f5cd8b285fe223b72552cff4ca57b5854a5aa69142360e6284ba888e7dde069f5d434fdf24aeb6ab031c9bb848e545780eee9de96e51b953443e5f2410dfc807980181e9d626e483c08a9eaa6e8fff9bacb329b51b64af1b0544dd82511d742212b2d40c2dd83e973754fb847c6b96ae49c500c9a0470d7fe7a23558e8ad7405127d18089de14319d6aba5bfb84e8f95b05e0158c0f081519575bf2f2dd79e0fb9e925c383e39cbdc5680009480cf578d85c4e1acdecaf1960fedf40925dee48c4e12ba3a9de901a9e0fdfd20f733690bbeacbee54eb55d7d739d442c6ec981c7c7af23b04acf75bc6643c0a61b615242fb821ff2b87b37412252b2083d253298f135b6ae8f9522107ab0b928e6ff04e717fd430903290556b4a3e22885121312cc4e26e6fb32cdc7d95aee07db59075804583d4c1f74daab40bb205ec7afa7864e3178e5911a1cf02c97a9054a403e68a055b08120ce50aa4b3f1747491b3cde6e3a19049b6342cf89cfe3e2cf25d1257c880537df295298ea96607061c17a8aea18ff7cf15ca4c93840988a89fdbb25b27314100e8304b2d5b740dd9d3d8e6df42c62a55b61c53638b4f00f16418b526ecd6efb3d2942545e61131d37ac32abab82d1e92c8c6be108aabcbb4fda49e9e1495f1d3917fd97ab5f57d0d904e16040243c256d739e472a92f54ee6ea76181441c904aa6b25357efb4dcf461da5febfcf67db409aa56dbc80c345c14c035ce09fd15fe9f5a7b5e374d94df8b78b013ac8279e4a2f6e5c5aa0689b76c31930ec5d552370c9cc958a5120573852682f48f30faefa87ebc6fe4eb883ea859fdb3a269393c3f241e25abdadad1e666f9b4152daaea45c40a5d74a8cbdc2a16fe189d74e3d65818b8e7812b7c1c2391aa65a797b4f224ad98362a51beec5b8426974c9afe4988690e8af2b82a5870a763c3ed010777f56bf0d5bc05d28dd96f75aa0907e19ef4d11198310da02e75862b77fae8f4b7e269cb7a316a8d9d7a291cffcb81cd65a038ae5055e384793902b71ba62d23d326bb46851065bdcb8d35fe74056b04b2d828df6a31c84d2c8c7e515ab7079083e76487cb67e90ce9f9daa2bc3a17b46a53130b45ab189e924a6d9516f9ad96f48ea9e88b2e095d18162c34aadf8ae7553a7ade2fa9ecdd765f78ae0e00f0d9ff3e68633d84bf83bb88a9463b168e5c82931c90d18b056f5a91c1e9110f1d52229e502bb9314e694ad234d8699855bded7a9b2f548b97311cfd5b33c30afbd4a6f334965e86619921ac9911ffe98c69bc3fdf5193f8203e39e6c3f909aecae40feb576bd7f5830cde6c6731792ef523145cf010a4c7307a74419756694b995197c321c9be967f2aa27b97ede4085e66f74d0bf874e03870a9b522d7be7fb350e32fecdc3269ee9c2444fb6dde4cf73e0c0361d8a2092e4f91a47405314a3fc0cacf2b8c5ab932c9b13541a54e2196cb63180cba6ddc99cc87ad14956ae948aa7d21013395e176cd9c36d8fbb9aceb8138646814ae80ab16ed563c2046ee91e1be9f2efd774efedb4c1db109e21aa14b80b191c052f251b3e585e89543219432562ce9f858ddcf61841ac79fe30e250be18d09ae5306d61de4c3924884fc023a60e46050d96b055e9d5e9069f9985d32e143cc8d3b709be51e582f9da120e46c122afc4f468f706ed683e487ab62e8071324097d17a2d064f335561b46a6d9df68d8674d955d931ca48b4fafe3ee3f6fa9b08c194ada028b4e34260d958bbd409b94e54212c69f24dc2ddbba14497e0cd95c3e67deea84471ccbb8cf5aef446f2378044794a7ebbc19012a2e0e493bceb59be0c3cd6859613f3750b9a037165eaddce386ebd86a3736b0ca1450fcb6ae4ab5cf61898975e0069efde491d6d0cea7e3aafd35143e66a41344a035b1f354b9d77e993f3f9c2b67ca7f1bc0f9bb2522f5495d283c0f4badb038a4cf5ad5fe9579383f93717c51abf1bfde8990a5199a8b7584dc6c53ee3411083d181fd36774ebb2800ab6387bae160c9e6afa725c6149b6fa11eaf4576db79e5ab42f8d670f3ebbddca4beecaf0a86d0586b8b51a95735fb2ae561c1b47281dcfb3ac54b75a0407bbc93c9eb019ffcf02badfb2d662ee46da9fbc733427e75625e711f569807af6793a42f4c91b9026d568ef3d7df830b8066d61e752a373fd21ee401268bc1398b90ed5225ffda0578379a79ad391e755af5a4c92fbecd72544b1fe9e0d9bb9c55877245903ec59888884144d99de378201cb78259a35020ccc219904ecc219cc5cf65353c01b182885fa7572be23e563d94261f94d50a96fcd3d67b51e4d2fafb729b1f886e8c245938e07f5531f96acde211a3f089874ed698b7511ed8e02a014057773413460414f2bb9f181f6a3d929cef99174996f2ffeb90c36031df30a09fc73aee9dd565cd17c4861e393f92714bb99ad72e5c8484003abc4a6a79f11b2c97473f0eed97092bbc5d6c59bba54d116de8b2c0eaa69b8ab0812a42a2f7b824b3b91818c5774f756db7e07947cba3cf8aaa1db5d0027c24840e640a1f1addfb93dc6da98099f43d8b81f8b4123512e16a1e1c6db3d503b61a91744941df0a0896cd7d13002d4bad07f4f39a2710be81f16592531b803acc2021126e60caf50ec5fbf3255fdc157bb75f82854d65150f4d20f6cc1354636df3634384a04b93131abd33874b163100453b662fb20b69b9f93f93f37b2d6a68034b64008ef08365796fa45a796698f305c33b9d138ffe53843ee1764891086f11f1ebb69753d08595b25094f187ae0e86431590857503245fbbf4c9a15fb1c3c5236f75cdc28ca8627fb59749596d1d0b8c55f221d23fe1f1d52a811e71698a29f2d5ba15e4a6f975f4a39421b48d4a32d5483edd1298d7d4f830f492aa22926d4328d36404a8488e775a273ba05ae7b0d5b7bb401a44c25c5591e02b5d942e02d7f798f58ef2a5aa551fbc69a400b1b248f7a22eae8806cfc90ffb88638cbccc5e8cfa4a8fa363b13ef64c5588d6c8c0f701957ae130cb2d3a252a6532faf97cddeb43bfd8f602627220d1d28b8bfde6a19d61fafb4137dc4a7b00faa06251ea261522cb0892dbfe897d588c03b6acaddce94779af0c3ae8d312f47a4629b28454905c39d85f6488c13f93f8d1f0afc73dd3290dd4e8f7a429875b2bed5b858ad827e88b80e79f43e82a81eefb9792431a5569e09aa59d4c52093ce620f2246f2964361d2313965826e970853263252a42123ff8a78096938d3e3986209f1e0d9206286f7eb15f11c296065960c2e7188c7c6765d64f61e366a5b6acc0a195a4fa3f31ad5b47dc0a9c637f783588518c6f31b23e42a05f8e5d160a62052eb132dc8a9999e7d33cc0e8e2d473d8d8f974acd7d4c5ee5f2e0ecef3c74ed1ad5bd7240220b057ddc3a89be4a6c35a6f857b7591fe79d1b960217ee0d3a7d541a58e5aeade400503d7055a5d7c2e454d6a46ddc13d328a8a834091dc99d9c6d0d6cdbf4b4a116fbdd235dbf971d08fc1e01106daddc24fe8ad857f8e52e75c3ee4120ac17474a1e802b5d7b1d3715ceea1c1f107daf3f439e0ded6dca5ae59649adda71be45963001e0cf0ac82a37e13f8e8aac777c51c7697d53a9c31018da2751615f9a993c82c1648e3212fc1352f266123228c9d72a2101a068c37650b23870b8701492af17eb2e198fdef1019dead22faed6103ec3d38b2341d81f0e1c0b243622a4696e43c155331f137bef05060867b1b68ab31bfa734f1dc747f966a463d9d7f3cd96d36eea668f62f68a9b95d318fe0433bf51a39183a7b0f035889725c720d868c6b7764b6403a4a77a787f4ee86fd198cc90bd3a11456e6dfbb0219c8d2d70bcdd6ed3bc237dd3221b08f90cece55c52b413beb0d5b055ea3ca883ebefd4a99b6b8514a1fa55060de72592585b06bbc6fb5d9c44d30d8ab73d4aed8c7d714d3e286cf386a5b2f68a865051277c6ee9593669ee8f21fe527c8cc31984c780700502480ff5814cd9503f23d69b2e93f077e7bc0d13fd03f4c1d1dbbbafe890bad0c8511e5f944877a33fd9d66a260f0e1e4cf8fca04ead5e30f033e4dd787300b851683965f9ba5a3b45306eaf456a122ed177bd0a2926b78575e0e5ef38da38ae65d91d169caf736d4417d82d2ba04e5"}) listen(r1, 0x2) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4) setsockopt$inet6_tcp_int(r1, 0x6, 0xa, &(0x7f0000000640)=0x652, 0x4) setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0) sendto$inet6(r2, &(0x7f0000000240)="c4", 0xffffffffffffff95, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @rand_addr, 0x5}, 0x1c) 6.184130865s ago: executing program 1 (id=6376): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x800000, &(0x7f0000000200)=ANY=[@ANYBLOB="616c6c6f775f7574696d653d30303030303030303030303030303136323134372c756e695f786c6174653d302c73686f72746e616d653d6d697865642c73686f72746e616d653d77696e6e742c696f636861727365743d6d61637475726b6973682c6e6f6e756d7461696c3d302c696f636861727365743d6b6f69382d72752c756e695f786c6174653d302c696f636861727365743d757466382c6572726f72733d636f6e74696e75652c73686f72746e616d653d6d697865642c73686f72746e616d653d77696e39352c7379735f696d6d757461626c652c757466383d302c0074c3fc52ac6365d676e1"], 0x1, 0x3b6, &(0x7f00000006c0)="$eJzs3cFrm2UYAPCnadd20zUFRVARXwYevISu/gMrsoFYUOYi04PwzaYakiUjCZUM0eHFq/+B9+HRmyD+Azvo3Zu3XTzuMPZJ8iVd0mWbtbZh+vtB+Z587/t8fb835OPJITx3r353vbHbrexmvShdSFGKiNK9iPVhVFgYHUvDeDkm3Yo3y1d/f+2Djz5+d2t7++LllC5tXXlrM6W09vrPX3z5w7lfes99+OPaTytxZ/2Tu39u/nHnpTsv331w5fN6N9W7aandS1m61m73smvNWtqpdxuVlN5v1rJuLdVb3Vpnany32b5xo5+y1s7ZMzc6tW43Za1+atT6qddOvbV+yj7L6q1UqVTS2TPB01RvX76cbRXx6hPmXTipBXEMOp2tbPAZXnlkpHp7LgsCAObqqPX/8tHq/9Z0/X8quo3KC28Ulz50/d9R/x/SZP3Pf9Wg/l8efX4jIn/4PUD9DwAAAAAAAAAAAAAAz4J7eV7O87w8Pu7/OGD0es7L45g98v4f+Jv3+jheEz/cW41ofrtX3asWx2J8azfq0YxabEQ57g8eC2NFfOmd7YsbaWg9zl7/eph/7teI6uJ0/vkox/rs/PNFftrPj8HxVJyZzN+Mcrw4O39zZv5ybHw/kV+Jcvz2abSjGTvDx9vD/K/Op/T2e9sH8leG8wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4f6iksVej6Hu/V404HXuj/v2VhxPWp/vjF/mj/vql2Ihy3J/dn39jZn/+pXhlab73DgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABj3f7NRtZs1jonFYx7/g/PLI+Dx2ctFNNvHRg6HdOTV552nb8f5HmeP8jzfGqodKjrnB7d5IyhwZW/WS2GizM7rX9re1cXTvStPEpwKiKeMCcfbeDk0GL8k//1/P4+z5yzEhHHeqdrg6A0/w0/dHDijyIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYu/2m34MXC/NeDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPPS7d9sZM3mYmcU1KaDpTh4JmsuxmMmPy6Y9z0CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8S/4KAAD//xp0CCU=") chdir(0x0) open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0) r0 = open(&(0x7f0000000000)='./bus\x00', 0x8000, 0xa0) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x8005, 0x0, 0x0, 0x12, 0xd, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]}) r1 = socket$inet6(0xa, 0x3, 0x6) ioctl$EXT4_IOC_PRECACHE_EXTENTS(r1, 0x6612) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x80800, 0x0) mount$9p_fd(0x0, &(0x7f0000000200)='./file1\x00', 0x0, 0x10, &(0x7f00000004c0)=ANY=[]) prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) 6.136878297s ago: executing program 2 (id=6377): bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x1e, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40) r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = eventfd(0xfffffff9) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000580)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/59, 0x0}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/231, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/70, 0x100000}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0x73, &(0x7f00000001c0)=""/115}]}) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000002c0)={0x1, r1}) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x32, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2000001}, 0x94) syz_io_uring_setup(0x599e, 0x0, 0x0, 0x0) 5.995975774s ago: executing program 2 (id=6378): r0 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4) ioctl$sock_bt_bnep_BNEPCONNDEL(r0, 0x400442c9, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) close(r2) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r3, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x40008d0}, 0x40) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000200)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_PMTUDISC={0x5}, @IFLA_IPTUN_TOS={0x5, 0x5, 0x4}]}}}]}, 0x40}}, 0x20008040) sendmsg$NFT_BATCH(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d65b"}]}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x68}, 0x1, 0x0, 0x0, 0x24000840}, 0x40) sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000380)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xf}}, [@NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d103"}]}]}]}]}, @NFT_MSG_DELSETELEM={0x14, 0xe, 0xa, 0x201, 0x0, 0x0, {0x3, 0x0, 0x5}}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x7c}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000c00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03080000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021440000000c0a09030000000000000000070000000900020073797a31000000000900010073797a30000000001800038014000080080003400000000205000640520000001400000011"], 0xc8}}, 0x20000000) 5.87636002s ago: executing program 1 (id=6379): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x6) syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x140, 0x82) r3 = fanotify_init(0x81, 0x40000) fanotify_mark(r3, 0x105, 0x40001032, r2, 0x0) read$FUSE(r3, &(0x7f0000002300)={0x2020}, 0x2020) getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0) 4.652933151s ago: executing program 3 (id=6380): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r3) ptrace$cont(0x9, r3, 0x9, 0x0) 4.528722707s ago: executing program 1 (id=6381): r0 = syz_open_dev$loop(&(0x7f0000000240), 0x7, 0x142ba3) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/oops_count', 0x8a883, 0x2) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000080)={r1, 0x0, {0x0, 0x0, 0x0, 0x7, 0x4000000000000ffd, 0x0, 0x0, 0x1e, 0xc, "faf98317e5a1149989fc8dbe43ea6acc96e3a2503dc3bd3fe37d58128bbad0099cebdc25f5ab60c9e6d680f985881a7beda9d69098c8b534464c516bdd8a0f35", "32d8cc26f7061a74df2cfc06c89f3d9e234b30c50997d3bef409ff2176ff7bfe55cd4a5d83cd4a524bd3ffe70c7f3f800b2f7b6aa54cc50a1fcaed1e831fa79a", "67523760fd40f78d2cfc03d81a8ca55ba139c01802c4dae4162e43ac61b7ad33", [0x2, 0x9]}}) ioctl$LOOP_SET_BLOCK_SIZE(r0, 0x4c09, 0x6) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10) r3 = accept4(r2, 0x0, 0x0, 0x0) r4 = syz_open_dev$vim2m(&(0x7f0000000100), 0x7, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r4, 0xc0cc5605, &(0x7f0000000180)={0x1, @pix_mp={0xfffffff8, 0x5, 0x34325241, 0x9, 0x4, [{0x9, 0x3}, {0x3, 0x1000}, {0x1, 0x451}, {0xffffff16, 0x4}, {0x6, 0x4}, {0xfffffff8, 0x3d}, {0x4, 0x5}, {0x5, 0xfffffbff}], 0x1, 0x3, 0x0, 0x0, 0x6}}) sendmsg$alg(r3, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) sendmsg$nl_route_sched_retired(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000012100), 0xe078}}, 0x0) read(r3, &(0x7f00000009c0)=""/4096, 0x1000) 4.431741382s ago: executing program 2 (id=6382): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000040)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50) r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0x1c, &(0x7f0000000300)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x1000}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9, 0xfe00}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x8}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x6, 0x1, 0xb, 0x8, 0x9}, {0x4, 0x0, 0x0, 0x8}, {}, {}, {}, {0x18, 0x8, 0x2, 0x0, r3}, {}, {0x46, 0x0, 0x0, 0x76}}], {{}, {0x6, 0x0, 0x7, 0x8}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 2.489947117s ago: executing program 3 (id=6383): r0 = socket$alg(0x26, 0x5, 0x0) getsockname$packet(0xffffffffffffffff, 0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r2 = socket$kcm(0x2, 0xa, 0x2) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, 0x0, 0x0) sendmsg$NFT_BATCH(r3, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={0x0}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) write(0xffffffffffffffff, 0x0, 0x0) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r1, &(0x7f0000000040)={@val={0x2000}, @void, @eth={@broadcast, @multicast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x3d, 0x0, 0x0, 0x5, 0x29, 0x0, @initdev={0xac, 0x1e, 0xfc, 0x0}, @multicast1}, {0x300, 0x7000, 0x29, 0x0, @gue={{0x2, 0x0, 0x0, 0x0, 0xce1300d54c3818a3, @val=0xe0000001}, "ebc7a1e0ff5befe1fdbc66e400d7e83306de422b4a81099bcc"}}}}}}}, 0x4f) 2.455970699s ago: executing program 0 (id=6384): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000280)=[@increfs], 0x0, 0x0, 0x0}) r2 = dup3(r1, r0, 0x0) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000001000)={0x73622a85, 0x10b, 0xffffffffffffffff}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x54, 0x0, &(0x7f0000000e00)=[@acquire, @transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x30, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000400)={@ptr={0x70742a85, 0x0, 0x0, 0x0, 0x2, 0x32}, @fd={0x66642a85, 0x0, r2}, @fd={0x66642a85, 0x0, r1}}, &(0x7f0000000bc0)={0x0, 0x28, 0x40}}, 0x400}], 0x0, 0x0, 0x0}) syz_open_dev$evdev(0x0, 0x2, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000300)={0x4c, 0x0, &(0x7f0000000540)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x48, 0x18, &(0x7f00000004c0)={@fd={0x66642a85, 0x0, r0}, @fd={0x66642a85, 0x0, r3}, @flat=@weak_handle={0x77682a85, 0x1001}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0}) prlimit64(0x0, 0x7, &(0x7f0000000ec0), 0x0) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x1, 0x1000000000000, &(0x7f0000000340)="cb"}) 2.280851317s ago: executing program 2 (id=6385): bind$inet(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, 0x0, 0x0) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) bind$unix(r2, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) listen(r2, 0x0) accept4$unix(r2, 0x0, 0x0, 0x80000) 2.164118523s ago: executing program 4 (id=6386): connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/vlan/vlan0\x00') socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r2, 0x8982, &(0x7f0000002800)={0x1, 'vlan0\x00'}) syz_usb_connect(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000001018610f4205ae06d6c0102030109022400010100"], 0x0) r3 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x20000000) recvmsg(0xffffffffffffffff, 0x0, 0x40000000) openat$binfmt(0xffffffffffffff9c, 0x0, 0x42, 0x1ff) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0) write$P9_RUNLINKAT(r1, 0x0, 0x0) 2.136406705s ago: executing program 0 (id=6387): prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) r1 = epoll_create1(0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000200)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000100)={0x20000014}) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r1, &(0x7f0000000000)={0xa0000001}) epoll_pwait(r4, &(0x7f0000000400)=[{}], 0x1, 0x80, 0x0, 0x0) 656.561438ms ago: executing program 3 (id=6388): openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1) prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = syz_io_uring_setup(0x40f, &(0x7f0000000000), &(0x7f0000000080)=0x0, &(0x7f00000000c0)=0x0) syz_io_uring_setup(0x2bac, &(0x7f0000000340), &(0x7f0000000100)=0x0, &(0x7f0000000000)) syz_io_uring_submit(r6, r5, &(0x7f0000000100)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x2a, 0x4007, @fd_index=0x3, 0x0, 0x0, 0x0, 0x0, 0x0, {0xfffe}}) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x40, &(0x7f0000000140)=0x80000004, 0x0, 0x4) io_uring_enter(r3, 0x1469, 0x0, 0x0, 0x0, 0x0) 656.079538ms ago: executing program 2 (id=6389): syz_init_net_socket$rose(0xb, 0x5, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f00000020c0), 0x0, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) syz_mount_image$nilfs2(&(0x7f0000000080), &(0x7f0000000040)='./file2\x00', 0x3200400, &(0x7f0000000180)=ANY=[], 0xfe, 0xa7f, &(0x7f0000000b40)="$eJzs3U2MG1cBAOA33vUmmwTilIQuSWgTftry091ms4SfCJqquRA1FbdKEZcoTUtEGhCpBK0qkeTEjVZVuPIjTuVQAUJqLyjqiUslGolLxaFw4EAUpEocoJC4yvo9r/3W1tib9dpef5/0/PbNG897Mzsej2fmvReAiVVZfl1amitCuPrmq8f/+cA/Zu9MebQ5R235dbolVQ0hFDE9nS3vvalGfOv9l850iouwuPya0uHJm833bg8hXAoHwrVQC3uvXn/l7cUnTl4+ceXgO68dvTGYtQcAgMnyrWtHl/b87c/7dn3w+n3Hwpbm9HR+XovpHfG8/1g88U/n/5XQni5aQquZbL7pGCrZfFMd5mstp5rNN92l/JlsudVm/r62+baUlD/VMq3TesM4S/txLRSV+bZ0pTI/3/hNHpZ/188U8xfOnX/m4pAqCqy7f98fQjgwwBAGvPwhhXq9/uPNum6rw4368OsgDCLUdw718APQlN8vXOVSfmXh7jSXNt1b+Tcfq3R+P6yDjd7/lT9e5f/6ciz/1F8HWg8mw2b9/krrlT5HO2I6v4+QP7/U7+c/LW8qvkxnyy/T7T7CuNxf6FbPqQ2ux1p1q3++X2xWX49x2g7fyPJbPz/5/3Rc/sdAZ/8Z9PX/EQsHRqAOmzpUR6AOQs+hPuwDEDCyVp6ba6hHKT9/ri/P31KSv7Ukf7Ykf1tJ/vaSfJhkv3/+p+HlYuV3fv6bvt/rYek620di/NE+65Nfj+y3/Py5337dbfn588Qwyt44/dTZrzx96nrj+f+iuf/fjvv7gZiuxc/WtThDul6YX1dvPvtfay+n0mW+e7L6pONGZUuav94ocXf7fMXuleWEluPMqnrMtb9vZ7f59rfPV8vmm41ha1bf/PxkW/a+dP6Rjqtpe01n61vN1mMmq0c6ruyKcV4PWIu0P3Z7/j/tn3OhWjxz7vzZR2I67ad/mqpuuTP9UOtCf7MxdQfuTq/tf+ZCe/ufHc3p1UrrcWHnyvSi9bhQy6YvNpLN2+Rp+uGYTt9z35maXZ4+f+Z7559e75WHCXfxhRe/e/r8+bM/8Ef6Y9Zm8Yc/hn1kAgZt4fnnvr9w8YUXHz733Olnzz579sLhI0cOLy4e+erhpYXl8/qF1rN7YDNZ+dIfdk0AAAAAAAAAAACAXv3wxPHrf3nry+822v+vtP9L7f/Tk7+p/f9Psvb/eTv51A4+tQPc1SF/edy9N9rrMZPNV43hY1l9d2fl7Mne9/EYN8fxi+3/U3v7vF/XVJ97s+l5/71pvqw7gVX9pcxkfZDk4wV+KsZXYvyrAENUzHaeHOO2/q3D6v6t076e+qfQL8V4Sv+3tDekfkxS++9u/Tql4/+uDagj628jmhMOex2Bzv418v1/t5yJD70uExBs54kK9bpRPIDRMOzxP9N1zxRf+OM3t94Jababj7UfL/P+S+FujPr4k8ofhfE/i3WrRHP8u56Ofx16V2/r57n30RX++/Mb77YUG/b2evy9nK166gd6d3mZrT6I5af1fzD0Vn79l1n5+Q2hHv0vK39bj+WvWv/9ayv//7H8tNke+nSv5TdqnO+B+XXjdP8vv26c3MrWP/Xt2ff6r3GgxtuxfJhk3ceZ7XUE29E0lPF/O9wfXav8OYwvxXQ6EKbnHPJv5H7rn56vSN8De7LlFyXfb+MyTnE3kz7+79diXPZ5SOP/pv2x1iFdaUlXO2zbcd9XYLN5b+Tv/41ZuDQCdRBGNMz2M3/jkboB16lerw/2glaJoRbO0Lf/sO8+D7v8YW//Mvn4v/k5fD7+byX7AZGP/5u/Px//N8/Px9fL8/Pxf/PtmY//m+ffmy03v4I9V5L/iZL8vSX5+1byZzvl7y95/ydL8g+GeE7SJf++kvffX5J/T0n+VEn+Z0ryP1uS/0BJ/kMl+Z8ryd/sUnuUSV1/mGR5+zyff5gc6f5Pt8//7pJ8YHz97PVDj5/63bdrjfb/M83fa+k+3rGYrsbfzj+K6fy+d2hJ38l7K6b/nuWP+vUOmCR5/xn59/uDJfnA+ErPefl8wwQqOvfY02u/Vd3O8xkvn4/xF2L8xRg/HOP5GC/E+FCMFzeofgzG47/9w9GXi5Xf+zuz/F6fJy8q7b/s836iDvdYn/z6QL/Ps+f9+PXrbstfY3MwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAoaksvy4tzRUhXH3z1eNPnTy3cGfKo805asuv0y2pavN9ITwS46kY/yL+cev9l860xrdjXITFUISiOT08ebNZ0vYQwqVwIFwLtbD36vVX3l584uTlE1cOvvPa0RuD2wIAAACw+X0YAAD//7e9G+Y=") socketpair$unix(0x1, 0x5, 0x0, 0x0) write$binfmt_aout(0xffffffffffffffff, 0x0, 0x9ffc) mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800006, 0x7000001, 0x6e073, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./bus\x00', 0xd01ce0, 0x0, 0x82, 0x0, &(0x7f0000000080)) 592.135411ms ago: executing program 0 (id=6390): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) r1 = fcntl$dupfd(r0, 0x406, r0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfd, 0x0, 0xe4}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200047fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) sendmsg$TIPC_NL_NODE_GET(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000000c0)=ANY=[], 0x134}}, 0x40008) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000002c0)='bbr', 0x37) openat$kvm(0xffffffffffffff9c, 0x0, 0x2, 0x0) sendmsg$TCPDIAG_GETSOCK(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000680)={0x148, 0x12, 0x1, 0x70bd28, 0x25dfdbfc, {0xf, 0x8, 0x6, 0x7, {0x4e20, 0x4e20, [0x39, 0x4, 0x1ff, 0xc], [0x5, 0xaf58, 0x3, 0x5], 0x0, [0x1, 0x9]}, 0xc000000, 0x80000000}, [@INET_DIAG_REQ_BYTECODE={0xe9, 0x1, "b99e99605c559ce285bbe0a128fedd794ce892fc407634bb3031f200afd06cbf65b4c1d98e1d4db4ca11435b6ad52b63c9c15237992f768533bd59a7c96ea70a996ecedf748f8b6b8974a7eb3af1d5c9ef1725a0f8e99f7687c1bdc2f83436e1eab1c617aed1d0f11a0f7f44b389134b51f5acaf7c50adf4726c1f2cfa26b7359ee87543e03ddea62911d9987e9a140de9477817dc1528c2401c60632be16628aa5bb579a3390401366d9c9806dca8ea1ef31d0ca2a530af5fbe6492ce590b44f378be8bba33c9b4a7129b8369eb404183e377d0cb10136371e187732c93164086078cc236"}, @INET_DIAG_REQ_BYTECODE={0xd, 0x1, "8ec7073d34eb2a47d0"}]}, 0x148}, 0x1, 0x0, 0x0, 0x8}, 0xc4) write$binfmt_elf64(r1, &(0x7f0000000f80)=ANY=[], 0x540) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r1) shutdown(r0, 0x1) 496.846196ms ago: executing program 2 (id=6391): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x200000000000008b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = gettid() timer_create(0x8, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc)=0x0) timer_settime(r4, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) clock_nanosleep(0xfffffff2, 0x0, &(0x7f0000000000)={0x77359400}, 0xfffffffffffffffe) 81.226487ms ago: executing program 1 (id=6392): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket(0x2, 0x80805, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4048011}, 0xc000) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000003c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_MCAST_RATE(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)={0x24, r4, 0x1, 0x70bd2a, 0x65dfdbfb, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0xa}]}, 0x24}, 0x1, 0x0, 0x0, 0x44001}, 0xc800) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xc, &(0x7f0000000040)=@assoc_value={0x0}, 0x0) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, 0x0, &(0x7f00000000c0)) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, 0x0, &(0x7f0000000080)) ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r2, 0x8982, &(0x7f00000001c0)={0x1, 'ipvlan1\x00', {}, 0x4}) setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000040)=@sack_info={r6, 0x2, 0x10001}, 0xc) 7.68547ms ago: executing program 4 (id=6393): socket$nl_netfilter(0x10, 0x3, 0xc) socket(0x400000000010, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) pipe2$9p(&(0x7f0000000300), 0x80) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)) r0 = syz_io_uring_setup(0x462, &(0x7f0000000280)={0x0, 0x40000020, 0x10, 0x2, 0x34f}, &(0x7f00000000c0)=0x0, &(0x7f0000000000)=0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_WRITE_FIXED={0x5, 0x43, 0x0, @fd, 0x11e, 0x5, 0x0, 0x5, 0x0, {0x3}}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_ACCEPT={0xd, 0x2, 0x4, r3, 0x0, 0x0, 0x0, 0x80000, 0x1}) io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0) 0s ago: executing program 3 (id=6394): getresgid(0x0, 0x0, 0x0) close(0xffffffffffffffff) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) r1 = socket$netlink(0x10, 0x3, 0xf) bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x3, 0x2ffffffff}, 0xc) r2 = socket$netlink(0x10, 0x3, 0xf) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f0000000080)=0x100, 0x4) bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000000), 0x4) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'sit0\x00', 0x0}) ioctl$sock_inet6_SIOCSIFDSTADDR(r0, 0x8918, &(0x7f0000000080)={@loopback={0x0, 0x3fc}, 0x0, r3}) syz_genetlink_get_family_id$mptcp(&(0x7f0000000240), r2) kernel console output (not intermixed with test programs): parsing attributes in process `syz.1.2272'. [ 308.870882][T10624] IPv6: ADDRCONF(NETDEV_CHANGE): >: link becomes ready [ 308.901695][T10624] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2272'. [ 309.510864][T10654] overlayfs: failed to clone upperpath [ 309.553025][T10656] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2273'. [ 310.248844][T10686] overlayfs: failed to clone upperpath [ 311.221311][T10727] tipc: Enabling of bearer rejected, failed to enable media [ 311.777836][ T26] kauditd_printk_skb: 43 callbacks suppressed [ 311.777853][ T26] audit: type=1326 audit(1773847158.691:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10740 comm="syz.3.2312" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8cbd364799 code=0x0 [ 312.624459][T10766] tipc: Enabling of bearer rejected, failed to enable media [ 312.762305][T10775] netlink: 168 bytes leftover after parsing attributes in process `syz.0.2322'. [ 314.180146][ T26] audit: type=1326 audit(1773847161.091:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10800 comm="syz.0.2345" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3ec09d7799 code=0x0 [ 315.044646][T10829] tipc: Enabling of bearer rejected, failed to enable media [ 315.889346][ T26] audit: type=1326 audit(1773847162.801:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10863 comm="syz.1.2359" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1c85e40799 code=0x0 [ 316.329268][T10874] tipc: Enabling of bearer rejected, failed to enable media [ 317.011063][T10915] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2375'. [ 317.044526][T10915] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2375'. [ 317.075315][T10915] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2375'. [ 317.103601][T10915] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2375'. [ 317.133086][T10915] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2375'. [ 317.166350][T10915] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2375'. [ 317.436197][ T1422] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.443353][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.522428][ T26] audit: type=1326 audit(1773847164.431:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10928 comm="syz.1.2382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c85e40799 code=0x7ffc0000 [ 317.616826][ T26] audit: type=1326 audit(1773847164.481:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10928 comm="syz.1.2382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=131 compat=0 ip=0x7f1c85e40799 code=0x7ffc0000 [ 317.701126][ T26] audit: type=1326 audit(1773847164.481:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10928 comm="syz.1.2382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c85e40799 code=0x7ffc0000 [ 317.779060][ T26] audit: type=1326 audit(1773847164.481:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10928 comm="syz.1.2382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c85e40799 code=0x7ffc0000 [ 317.840391][ T26] audit: type=1326 audit(1773847164.481:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10928 comm="syz.1.2382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f1c85e40799 code=0x7ffc0000 [ 317.902331][ T26] audit: type=1326 audit(1773847164.481:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10928 comm="syz.1.2382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c85e40799 code=0x7ffc0000 [ 317.963960][ T26] audit: type=1326 audit(1773847164.481:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10928 comm="syz.1.2382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f1c85e40799 code=0x7ffc0000 [ 317.993891][ T26] audit: type=1326 audit(1773847164.481:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10928 comm="syz.1.2382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c85e40799 code=0x7ffc0000 [ 318.026149][ T26] audit: type=1326 audit(1773847164.481:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10928 comm="syz.1.2382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f1c85e40799 code=0x7ffc0000 [ 318.056569][ T26] audit: type=1326 audit(1773847164.481:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10928 comm="syz.1.2382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1c85e3a517 code=0x7ffc0000 [ 318.490735][T10955] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2391'. [ 321.634644][T10997] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 321.644791][T10997] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 321.655767][T10997] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 321.665156][T10997] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 321.873255][T11008] netlink: 2028 bytes leftover after parsing attributes in process `syz.0.2417'. [ 321.932646][T11008] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2417'. [ 322.258353][T11053] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2427'. [ 322.291071][T11053] device hsr_slave_0 left promiscuous mode [ 322.320303][T11053] device hsr_slave_1 left promiscuous mode [ 322.605203][T11068] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2432'. [ 322.624723][T11068] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2432'. [ 322.686915][T11076] overlayfs: failed to clone lowerpath [ 322.694620][T11077] netlink: 2028 bytes leftover after parsing attributes in process `syz.3.2433'. [ 322.707159][T11076] overlayfs: failed to clone lowerpath [ 322.713517][T11077] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2433'. [ 322.789983][ T26] kauditd_printk_skb: 690 callbacks suppressed [ 322.790000][ T26] audit: type=1326 audit(1773847169.701:766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11080 comm="syz.2.2439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3af376a799 code=0x7ffc0000 [ 322.834623][ T26] audit: type=1326 audit(1773847169.721:767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11080 comm="syz.2.2439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3af376a799 code=0x7ffc0000 [ 322.869554][ T26] audit: type=1326 audit(1773847169.721:768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11080 comm="syz.2.2439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=131 compat=0 ip=0x7f3af376a799 code=0x7ffc0000 [ 322.899221][ T26] audit: type=1326 audit(1773847169.721:769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11080 comm="syz.2.2439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3af376a799 code=0x7ffc0000 [ 322.923979][ T26] audit: type=1326 audit(1773847169.721:770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11080 comm="syz.2.2439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3af376a799 code=0x7ffc0000 [ 322.948652][ T26] audit: type=1326 audit(1773847169.721:771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11080 comm="syz.2.2439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f3af376a799 code=0x7ffc0000 [ 322.966900][T11087] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2441'. [ 322.980838][ T26] audit: type=1326 audit(1773847169.721:772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11080 comm="syz.2.2439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3af376a799 code=0x7ffc0000 [ 323.008214][T11087] device hsr_slave_0 left promiscuous mode [ 323.014408][ T26] audit: type=1326 audit(1773847169.721:773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11080 comm="syz.2.2439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3af376a799 code=0x7ffc0000 [ 323.038394][T11087] device hsr_slave_1 left promiscuous mode [ 323.076068][ T26] audit: type=1326 audit(1773847169.721:774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11080 comm="syz.2.2439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f3af376a799 code=0x7ffc0000 [ 323.099782][ T26] audit: type=1326 audit(1773847169.721:775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11080 comm="syz.2.2439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3af376a799 code=0x7ffc0000 [ 324.020846][T11116] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2453'. [ 324.030890][T11116] device hsr_slave_0 left promiscuous mode [ 324.040247][T11116] device hsr_slave_1 left promiscuous mode [ 326.406031][T11132] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 326.426141][T11132] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 326.440340][T11132] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 326.459230][T11132] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 327.223292][T11132] netdevsim netdevsim4 netdevsim0: unset [1, 1] type 2 family 0 port 20004 - 0 [ 327.239424][T11132] netdevsim netdevsim4 netdevsim1: unset [1, 1] type 2 family 0 port 20004 - 0 [ 327.248926][T11132] netdevsim netdevsim4 netdevsim2: unset [1, 1] type 2 family 0 port 20004 - 0 [ 327.268131][T11132] netdevsim netdevsim4 netdevsim3: unset [1, 1] type 2 family 0 port 20004 - 0 [ 327.409504][T11132] netdevsim netdevsim4 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 327.420737][T11132] netdevsim netdevsim4 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 327.430761][T11132] netdevsim netdevsim4 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 327.442076][T11132] netdevsim netdevsim4 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 328.650454][ T26] kauditd_printk_skb: 3190 callbacks suppressed [ 328.650472][ T26] audit: type=1326 audit(1773847175.561:3966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11258 comm="syz.0.2517" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3ec09d7799 code=0x0 [ 329.633652][T11240] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 329.643617][T11240] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 329.653576][T11240] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 329.663124][T11240] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 329.838020][T11240] netdevsim netdevsim2 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 329.847779][T11240] netdevsim netdevsim2 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 329.857826][T11240] netdevsim netdevsim2 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 329.867137][T11240] netdevsim netdevsim2 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 329.905953][T11246] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2512'. [ 329.921514][T11246] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 329.930586][T11246] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 329.940208][T11246] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 329.949568][T11246] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 330.023958][T11246] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2512'. [ 330.900733][T11304] xt_recent: Unsupported userspace flags (000000b1) [ 331.077229][ T26] audit: type=1326 audit(1773847177.991:3967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11305 comm="syz.4.2535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b2179f799 code=0x7ffc0000 [ 331.152726][ T26] audit: type=1326 audit(1773847177.991:3968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11305 comm="syz.4.2535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b2179f799 code=0x7ffc0000 [ 331.196053][ T26] audit: type=1326 audit(1773847178.021:3969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11305 comm="syz.4.2535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=131 compat=0 ip=0x7f0b2179f799 code=0x7ffc0000 [ 331.282569][ T26] audit: type=1326 audit(1773847178.021:3970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11305 comm="syz.4.2535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b2179f799 code=0x7ffc0000 [ 331.359002][ T26] audit: type=1326 audit(1773847178.021:3971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11305 comm="syz.4.2535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b2179f799 code=0x7ffc0000 [ 331.423582][ T26] audit: type=1326 audit(1773847178.021:3972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11305 comm="syz.4.2535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f0b2179f799 code=0x7ffc0000 [ 331.485647][ T26] audit: type=1326 audit(1773847178.021:3973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11305 comm="syz.4.2535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b2179f799 code=0x7ffc0000 [ 331.557753][ T26] audit: type=1326 audit(1773847178.021:3974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11305 comm="syz.4.2535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b2179f799 code=0x7ffc0000 [ 331.620820][ T26] audit: type=1326 audit(1773847178.021:3975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11305 comm="syz.4.2535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f0b2179f799 code=0x7ffc0000 [ 332.080316][T11327] raw_sendmsg: syz.1.2543 forgot to set AF_INET. Fix it! [ 332.279881][T11337] xt_recent: Unsupported userspace flags (000000b1) [ 332.558255][T11355] overlayfs: failed to clone upperpath [ 334.126396][T11389] overlayfs: failed to clone upperpath [ 334.870640][T11360] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 334.880043][T11360] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 334.895703][T11360] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 334.907814][T11360] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 335.191242][T11360] netdevsim netdevsim1 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 335.200655][T11360] netdevsim netdevsim1 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 335.210365][T11360] netdevsim netdevsim1 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 335.219847][T11360] netdevsim netdevsim1 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 335.298451][T11375] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 335.457437][T11375] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 335.508648][T11405] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2576'. [ 335.528738][T11405] IPv6: ADDRCONF(NETDEV_CHANGE): gre2: link becomes ready [ 335.566418][T11375] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 335.668380][T11375] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 335.784051][T11375] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 335.830928][T11375] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 335.867150][T11375] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 335.911391][T11375] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 335.931281][T11415] Invalid ELF header magic: != ELF [ 336.160765][T11434] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2588'. [ 336.196624][T11434] IPv6: ADDRCONF(NETDEV_CHANGE): gre2: link becomes ready [ 336.994136][T11452] Invalid ELF header magic: != ELF [ 337.183601][T11467] netlink: 'syz.1.2601': attribute type 1 has an invalid length. [ 337.218513][T11467] 8021q: adding VLAN 0 to HW filter on device bond4 [ 337.227158][T11465] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2612'. [ 337.280282][T11465] IPv6: ADDRCONF(NETDEV_CHANGE): gre2: link becomes ready [ 337.293969][T11475] netlink: 'syz.2.2602': attribute type 10 has an invalid length. [ 337.307925][T11475] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 337.335679][T11467] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 337.359138][T11467] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 337.387362][T11467] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 337.420801][T11467] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 337.464766][T11467] bond4: (slave geneve2): making interface the new active one [ 337.479100][T11488] Invalid ELF header magic: != ELF [ 337.501441][T11467] bond4: (slave geneve2): Enslaving as an active interface with an up link [ 337.523542][ T4242] IPv6: ADDRCONF(NETDEV_CHANGE): bond4: link becomes ready [ 337.689100][T11467] syz.1.2601 (11467) used greatest stack depth: 20112 bytes left [ 337.845944][T11518] netlink: 'syz.1.2622': attribute type 10 has an invalid length. [ 337.900345][T11524] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2627'. [ 337.936437][T11524] IPv6: ADDRCONF(NETDEV_CHANGE): gre2: link becomes ready [ 338.484048][T11529] netlink: 'syz.1.2629': attribute type 5 has an invalid length. [ 338.602073][T11539] netlink: 'syz.0.2633': attribute type 1 has an invalid length. [ 338.649165][T11539] 8021q: adding VLAN 0 to HW filter on device bond3 [ 338.732986][T11539] bond3: (slave geneve3): making interface the new active one [ 338.756519][T11539] bond3: (slave geneve3): Enslaving as an active interface with an up link [ 338.766543][ T4393] IPv6: ADDRCONF(NETDEV_CHANGE): bond3: link becomes ready [ 339.267899][T11571] netlink: 'syz.0.2646': attribute type 5 has an invalid length. [ 339.591994][T11586] netlink: 'syz.2.2653': attribute type 1 has an invalid length. [ 339.729903][T11586] 8021q: adding VLAN 0 to HW filter on device bond4 [ 339.793807][T11591] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 339.842658][T11591] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 339.851950][T11591] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 339.872533][T11591] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 339.967736][T11591] bond4: (slave geneve2): making interface the new active one [ 339.993640][T11591] bond4: (slave geneve2): Enslaving as an active interface with an up link [ 340.016538][ T4402] IPv6: ADDRCONF(NETDEV_CHANGE): bond4: link becomes ready [ 341.090722][T11625] batman_adv: batadv0: Adding interface: dummy0 [ 341.112794][T11625] batman_adv: batadv0: The MTU of interface dummy0 is too small (1280) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 341.170602][T11625] batman_adv: batadv0: Not using interface dummy0 (retrying later): interface not active [ 341.230122][T11636] netlink: 'syz.3.2669': attribute type 10 has an invalid length. [ 341.251464][T11635] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 341.317592][T11635] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 341.337003][T11643] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2673'. [ 341.391168][T11635] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 341.467548][T11635] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 341.485043][T11651] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2674'. [ 341.576135][T11635] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 341.626614][T11635] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 341.648367][T11635] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 341.664607][T11635] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 342.254716][T11676] overlayfs: failed to clone upperpath [ 342.324798][T11658] netlink: 'syz.4.2680': attribute type 5 has an invalid length. [ 342.852829][T11694] netlink: 'syz.0.2687': attribute type 10 has an invalid length. [ 343.364784][T11715] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2698'. [ 343.830232][T11718] overlayfs: failed to clone upperpath [ 345.246241][T11755] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2712'. [ 346.161991][T11779] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.2729'. [ 346.317239][T11789] sctp: [Deprecated]: syz.2.2724 (pid 11789) Use of struct sctp_assoc_value in delayed_ack socket option. [ 346.317239][T11789] Use struct sctp_sack_info instead [ 346.382983][T11793] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2726'. [ 347.018574][T11809] batman_adv: batadv0: Adding interface: dummy0 [ 347.030934][T11809] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 347.071806][T11809] batman_adv: batadv0: Not using interface dummy0 (retrying later): interface not active [ 347.169417][T11822] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.2739'. [ 348.106225][T11873] sctp: [Deprecated]: syz.3.2762 (pid 11873) Use of struct sctp_assoc_value in delayed_ack socket option. [ 348.106225][T11873] Use struct sctp_sack_info instead [ 348.500211][T11888] xt_TPROXY: Can be used only with -p tcp or -p udp [ 348.957494][T11894] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2774'. [ 349.396882][T11911] netlink: 51 bytes leftover after parsing attributes in process `syz.0.2779'. [ 350.855277][T12006] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2813'. [ 350.873803][T12006] bond0 (unregistering): Released all slaves [ 351.611725][T12033] tipc: Cannot configure node identity twice [ 352.802311][T12068] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2840'. [ 352.834752][T12068] netlink: 'syz.1.2840': attribute type 2 has an invalid length. [ 353.090862][T12074] netlink: 14 bytes leftover after parsing attributes in process `syz.4.2843'. [ 353.981626][T12119] overlayfs: failed to clone upperpath [ 353.997485][T12119] overlayfs: failed to clone upperpath [ 354.694500][T12135] overlayfs: failed to clone upperpath [ 355.079383][T12162] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2877'. [ 355.096874][T12162] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2877'. [ 355.318671][ T26] kauditd_printk_skb: 2609 callbacks suppressed [ 355.318688][ T26] audit: type=1326 audit(1773847202.231:6585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12169 comm="syz.2.2880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3af376a799 code=0x7ffc0000 [ 355.414874][ T26] audit: type=1326 audit(1773847202.231:6586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12169 comm="syz.2.2880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3af376a799 code=0x7ffc0000 [ 355.462545][ T26] audit: type=1326 audit(1773847202.231:6587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12169 comm="syz.2.2880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3af376a799 code=0x7ffc0000 [ 355.487863][ T26] audit: type=1326 audit(1773847202.241:6588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12169 comm="syz.2.2880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3af376a799 code=0x7ffc0000 [ 355.517074][ T26] audit: type=1326 audit(1773847202.251:6589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12169 comm="syz.2.2880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3af376a799 code=0x7ffc0000 [ 355.550331][ T26] audit: type=1326 audit(1773847202.271:6590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12169 comm="syz.2.2880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f3af376a799 code=0x7ffc0000 [ 355.596892][ T26] audit: type=1326 audit(1773847202.271:6591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12169 comm="syz.2.2880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3af376a799 code=0x7ffc0000 [ 355.666585][ T26] audit: type=1326 audit(1773847202.271:6592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12169 comm="syz.2.2880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3af376a799 code=0x7ffc0000 [ 355.721446][ T26] audit: type=1326 audit(1773847202.271:6593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12169 comm="syz.2.2880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3af376a799 code=0x7ffc0000 [ 355.788462][ T26] audit: type=1326 audit(1773847202.271:6594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12169 comm="syz.2.2880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3af376a799 code=0x7ffc0000 [ 356.209131][T12206] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2895'. [ 356.271441][T12208] netlink: 2028 bytes leftover after parsing attributes in process `syz.4.2894'. [ 356.287742][T12208] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2894'. [ 356.397885][T12215] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2898'. [ 356.548982][T12223] overlayfs: failed to clone upperpath [ 358.856671][T12304] netlink: 7 bytes leftover after parsing attributes in process `syz.1.2935'. [ 359.344835][T12330] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2946'. [ 361.862384][T12420] overlayfs: failed to resolve './file1': -2 [ 362.402303][T12440] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 362.872154][T12458] 9pnet: p9_errstr2errno: server reported unknown error 184467440 [ 365.103625][T12529] overlayfs: failed to clone upperpath [ 365.618227][T12542] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3032'. [ 365.650330][T12542] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3032'. [ 366.195509][ T26] kauditd_printk_skb: 30 callbacks suppressed [ 366.195526][ T26] audit: type=1326 audit(1773847213.111:6625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12580 comm="syz.1.3048" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f1c85e40799 code=0x0 [ 367.209422][T12597] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3053'. [ 367.629155][T12622] netlink: 'syz.1.3063': attribute type 10 has an invalid length. [ 367.659868][T12626] netlink: 52 bytes leftover after parsing attributes in process `syz.3.3065'. [ 367.674636][T12626] netlink: 52 bytes leftover after parsing attributes in process `syz.3.3065'. [ 368.263408][T12652] netlink: 220 bytes leftover after parsing attributes in process `syz.1.3074'. [ 368.382564][ C0] af_packet: tpacket_rcv: packet too big, clamped from 26 to 4294967286. macoff=82 [ 369.011992][T12694] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3087'. [ 369.348458][T12707] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3091'. [ 369.529241][T12714] overlayfs: failed to clone upperpath [ 369.619007][T12720] overlayfs: failed to clone upperpath [ 369.686516][T12723] overlayfs: failed to clone upperpath [ 369.705037][T12727] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3099'. [ 369.839448][T12736] tipc: Enabling of bearer rejected, failed to enable media [ 370.939735][T12775] netdevsim netdevsim3 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 370.949745][T12775] netdevsim netdevsim3 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 370.959219][T12775] netdevsim netdevsim3 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 370.968747][T12775] netdevsim netdevsim3 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 371.306874][T12784] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3124'. [ 371.599411][T12802] overlayfs: failed to clone upperpath [ 371.958145][T12834] netlink: 'syz.4.3142': attribute type 39 has an invalid length. [ 372.159876][T12836] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3143'. [ 373.759033][T12889] overlayfs: failed to clone upperpath [ 373.870834][T12891] cgroup: Setting release_agent not allowed [ 374.375248][T12913] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 374.401141][T12913] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 374.440998][T12913] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 374.480375][T12913] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 374.575869][T12916] netlink: 'syz.0.3176': attribute type 10 has an invalid length. [ 374.612281][T12922] IPv6: ADDRCONF(NETDEV_CHANGE): dummy0: link becomes ready [ 374.789652][T12922] IPv6: ADDRCONF(NETDEV_CHANGE): gre2: link becomes ready [ 374.828171][T12922] bond3: (slave geneve3): Releasing active interface [ 374.883914][T12926] netlink: 44 bytes leftover after parsing attributes in process `syz.4.3175'. [ 375.139731][T12951] overlayfs: failed to clone lowerpath [ 375.338667][T12958] overlayfs: failed to clone upperpath [ 375.735398][T12980] overlayfs: failed to clone upperpath [ 376.664029][T13022] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3209'. [ 377.758236][T13058] syz.4.3221 (13058) used greatest stack depth: 19856 bytes left [ 378.875244][ T1422] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.881785][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.380189][T13092] overlayfs: failed to clone upperpath [ 379.779624][T13103] tipc: Started in network mode [ 379.798040][T13103] tipc: Node identity 84e, cluster identity 4711 [ 379.817116][T13103] tipc: Node number set to 2126 [ 379.913547][T13107] overlayfs: failed to clone upperpath [ 380.741046][T13141] netlink: 'syz.3.3254': attribute type 10 has an invalid length. [ 381.201564][T13150] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3258'. [ 381.332922][T13150] netlink: 'syz.0.3258': attribute type 2 has an invalid length. [ 384.028842][ T26] audit: type=1326 audit(1773847230.941:6626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13221 comm="syz.2.3297" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3af376a799 code=0x0 [ 385.002716][T13253] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 386.835726][T13281] tipc: Failed to remove unknown binding: 66,1,1/0:1909566952/1909566954 [ 386.913531][T13281] tipc: Failed to remove unknown binding: 66,1,1/0:1909566952/1909566954 [ 386.942771][T13281] tipc: Failed to remove unknown binding: 66,1,1/0:1909566952/1909566954 [ 388.242498][T13325] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3323'. [ 388.299244][T13325] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3323'. [ 388.488916][T13336] netlink: 2028 bytes leftover after parsing attributes in process `syz.1.3326'. [ 388.518670][T13336] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3326'. [ 390.117031][T13339] overlayfs: failed to clone upperpath [ 390.219612][T13364] tipc: Enabling of bearer rejected, failed to enable media [ 390.667424][T13376] overlayfs: failed to clone upperpath [ 391.701458][T13396] netlink: 'syz.2.3352': attribute type 10 has an invalid length. [ 391.765202][T13396] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 391.805946][T13400] bond0: (slave wlan1): Slave does not support ipsec offload [ 391.862720][T13399] batman_adv: batadv0: Removing interface: dummy0 [ 391.932314][T13399] bond0: (slave netdevsim0): Releasing backup interface [ 391.990521][T13399] bond0: (slave wlan1): Releasing backup interface [ 392.010375][T13399] bond4: (slave geneve2): Releasing active interface [ 392.231526][T13410] netdevsim netdevsim1 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 392.258324][T13410] netdevsim netdevsim1 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 392.268336][T13410] netdevsim netdevsim1 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 392.278820][T13410] netdevsim netdevsim1 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 392.548399][T13427] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3363'. [ 392.569658][T13427] bond0 (unregistering): Released all slaves [ 393.239766][T13440] netlink: 2028 bytes leftover after parsing attributes in process `syz.4.3368'. [ 393.269909][T13440] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3368'. [ 398.452090][T13519] netdevsim netdevsim0 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 398.461004][T13519] netdevsim netdevsim0 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 398.470393][T13519] netdevsim netdevsim0 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 398.479865][T13519] netdevsim netdevsim0 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 398.611380][T13527] netlink: 'syz.1.3401': attribute type 39 has an invalid length. [ 398.668619][T13530] netlink: 'syz.3.3402': attribute type 10 has an invalid length. [ 398.686120][T13530] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 398.697434][T13531] bond0: (slave netdevsim0): Releasing backup interface [ 398.791094][T13555] netlink: 'syz.2.3411': attribute type 10 has an invalid length. [ 398.801828][T13555] device veth0_vlan left promiscuous mode [ 398.812052][T13555] device veth0_vlan entered promiscuous mode [ 398.820865][T13555] team0: Device veth0_vlan failed to register rx_handler [ 398.851895][T13558] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3412'. [ 398.879894][T13559] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3412'. [ 398.985100][T13563] device batadv_slave_0 entered promiscuous mode [ 398.999284][T13562] device batadv_slave_0 left promiscuous mode [ 400.288115][T13617] netlink: 'syz.4.3435': attribute type 10 has an invalid length. [ 400.311732][T13617] team0: Port device bond1 removed [ 400.336625][T13617] bond2: (slave geneve2): Releasing active interface [ 401.737801][T13639] overlayfs: failed to clone upperpath [ 402.970617][T13663] netlink: 'syz.1.3451': attribute type 10 has an invalid length. [ 403.016998][T13663] batman_adv: batadv0: Removing interface: dummy0 [ 403.054786][T13663] team0: Port device bond1 removed [ 403.066114][T13663] bond2: (slave bond3): Releasing backup interface [ 403.081238][T13663] bond4: (slave geneve2): Releasing active interface [ 403.845172][T13697] device batadv_slave_0 entered promiscuous mode [ 404.031107][T13704] overlayfs: failed to clone upperpath [ 406.285336][T13792] netlink: 'syz.3.3499': attribute type 10 has an invalid length. [ 406.318146][T13792] device veth1_vlan left promiscuous mode [ 406.371239][T13792] team0: Device veth1_vlan failed to register rx_handler [ 407.135344][T13822] xt_addrtype: ipv6 BLACKHOLE matching not supported [ 407.428432][T13840] netlink: 'syz.4.3517': attribute type 9 has an invalid length. [ 407.448218][T13840] netlink: 16166 bytes leftover after parsing attributes in process `syz.4.3517'. [ 407.858442][ T26] audit: type=1326 audit(1773847254.771:6627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13844 comm="syz.4.3519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b2179f799 code=0x7ffc0000 [ 407.946106][ T26] audit: type=1326 audit(1773847254.771:6628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13844 comm="syz.4.3519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b2179f799 code=0x7ffc0000 [ 408.033485][ T26] audit: type=1326 audit(1773847254.801:6629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13844 comm="syz.4.3519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b2179f799 code=0x7ffc0000 [ 408.192574][ T26] audit: type=1326 audit(1773847254.801:6630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13844 comm="syz.4.3519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b2179f799 code=0x7ffc0000 [ 408.266810][ T26] audit: type=1326 audit(1773847254.801:6631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13844 comm="syz.4.3519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0b2179f799 code=0x7ffc0000 [ 408.344942][ T26] audit: type=1326 audit(1773847254.801:6632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13844 comm="syz.4.3519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b2179f799 code=0x7ffc0000 [ 408.411848][ T26] audit: type=1326 audit(1773847254.801:6633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13844 comm="syz.4.3519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b2179f799 code=0x7ffc0000 [ 408.512957][ T26] audit: type=1326 audit(1773847254.801:6634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13844 comm="syz.4.3519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b2179f799 code=0x7ffc0000 [ 408.594972][ T26] audit: type=1326 audit(1773847254.801:6635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13844 comm="syz.4.3519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b2179f799 code=0x7ffc0000 [ 408.658371][ T26] audit: type=1326 audit(1773847254.801:6636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13844 comm="syz.4.3519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f0b2179f799 code=0x7ffc0000 [ 411.994086][T13951] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 412.457824][T13962] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3564'. [ 412.621475][T13972] overlayfs: failed to clone upperpath [ 412.887925][T13984] netlink: 'syz.3.3574': attribute type 10 has an invalid length. [ 412.961619][T13984] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 412.989786][T13984] team0: Failed to send options change via netlink (err -105) [ 413.007106][T13984] team0: Port device dummy0 added [ 413.444982][T14002] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3580'. [ 413.512967][T14004] team0: Port device dummy0 removed [ 413.576755][T14004] team0: Mode changed to "loadbalance" [ 414.076279][T14036] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3593'. [ 415.557308][T14090] netlink: 'syz.3.3616': attribute type 10 has an invalid length. [ 415.574322][T14090] device veth0_vlan left promiscuous mode [ 415.599333][T14090] device veth0_vlan entered promiscuous mode [ 415.629616][T14090] team0: Device veth0_vlan failed to register rx_handler [ 416.408023][T14131] netlink: 'syz.1.3633': attribute type 10 has an invalid length. [ 416.434156][T14131] device veth0_vlan left promiscuous mode [ 416.456164][T14131] device veth0_vlan entered promiscuous mode [ 416.484826][T14131] team0: Device veth0_vlan failed to register rx_handler [ 416.813552][T14152] tipc: Failed to remove unknown binding: 66,0,0/1648496653:1373968783/1373968784 [ 416.852376][T14152] tipc: Failed to remove unknown binding: 66,0,0/1648496653:1373968783/1373968784 [ 417.907827][T14175] netlink: 'syz.0.3649': attribute type 10 has an invalid length. [ 417.920924][T14175] device veth0_vlan left promiscuous mode [ 417.930938][T14175] device veth0_vlan entered promiscuous mode [ 417.940960][T14175] team0: Device veth0_vlan failed to register rx_handler [ 417.993587][T14181] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3652'. [ 418.063541][T14185] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3654'. [ 418.210315][T14196] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3660'. [ 418.259103][T14198] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3659'. [ 418.307072][T14198] device team1 entered promiscuous mode [ 418.330617][T14198] 8021q: adding VLAN 0 to HW filter on device team1 [ 418.355705][T14204] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3659'. [ 418.430159][T14204] device team2 entered promiscuous mode [ 418.449857][T14204] 8021q: adding VLAN 0 to HW filter on device team2 [ 419.467660][T14225] tipc: Failed to remove unknown binding: 66,1,1/0:2891553152/2891553154 [ 419.639840][T14236] tipc: Failed to remove unknown binding: 66,1,1/0:2891553152/2891553154 [ 419.648614][T14236] tipc: Failed to remove unknown binding: 66,1,1/0:2891553152/2891553154 [ 419.806975][T14246] netlink: 'syz.4.3674': attribute type 10 has an invalid length. [ 419.829847][T14246] device veth0_vlan left promiscuous mode [ 419.870482][T14246] device veth0_vlan entered promiscuous mode [ 419.893710][T14246] team0: Device veth0_vlan failed to register rx_handler [ 420.458978][T14272] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3687'. [ 420.850165][T14282] netlink: 'syz.1.3690': attribute type 10 has an invalid length. [ 420.883931][T14282] device veth0_vlan left promiscuous mode [ 420.891451][T14282] device veth0_vlan entered promiscuous mode [ 420.900411][T14282] team0: Device veth0_vlan failed to register rx_handler [ 421.003710][T14292] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3693'. [ 421.500804][T14333] netlink: 'syz.0.3706': attribute type 10 has an invalid length. [ 421.519940][T14333] device veth0_vlan left promiscuous mode [ 421.549654][T14333] device veth0_vlan entered promiscuous mode [ 421.571009][T14333] team0: Device veth0_vlan failed to register rx_handler [ 422.808859][T14350] overlayfs: failed to clone upperpath [ 422.818673][T14350] overlayfs: failed to clone upperpath [ 422.901913][T14360] overlayfs: failed to clone upperpath [ 423.122091][T14374] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3724'. [ 423.239289][T14374] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3724'. [ 423.441994][T14384] device veth0 entered promiscuous mode [ 423.504542][T14384] device veth0 left promiscuous mode [ 424.288517][T14389] netlink: 'syz.0.3729': attribute type 27 has an invalid length. [ 424.439371][ T4202] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201' [ 424.450325][ T4202] CPU: 1 PID: 4202 Comm: kworker/u5:8 Not tainted syzkaller #0 [ 424.458577][ T4202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 424.465422][T14403] netlink: 'syz.0.3734': attribute type 1 has an invalid length. [ 424.468972][ T4202] Workqueue: hci0 hci_rx_work [ 424.482278][ T4202] Call Trace: [ 424.485693][ T4202] [ 424.488856][ T4202] dump_stack_lvl+0x188/0x250 [ 424.494113][ T4202] ? show_regs_print_info+0x20/0x20 [ 424.499362][ T4202] ? load_image+0x400/0x400 [ 424.503934][ T4202] sysfs_create_dir_ns+0x26a/0x290 [ 424.509179][ T4202] ? sysfs_warn_dup+0xa0/0xa0 [ 424.513992][ T4202] ? process_one_work+0x85f/0x1010 [ 424.519594][ T4202] ? do_raw_spin_unlock+0x11d/0x230 [ 424.524873][ T4202] kobject_add_internal+0x6e0/0xd90 [ 424.530330][ T4202] kobject_add+0x160/0x230 [ 424.534825][ T4202] ? kobject_init+0x1d0/0x1d0 [ 424.539735][ T4202] ? klist_children_get+0x50/0x50 [ 424.545023][ T4202] ? get_device_parent+0x121/0x3f0 [ 424.550289][ T4202] device_add+0x483/0xfb0 [ 424.554691][ T4202] hci_conn_add_sysfs+0xd1/0x1e0 [ 424.559690][ T4202] le_conn_complete_evt+0xc48/0x15c0 [ 424.565303][ T4202] ? cs_le_create_conn+0x5e0/0x5e0 [ 424.570806][ T4202] ? __mutex_trylock_common+0x155/0x260 [ 424.576672][ T4202] hci_le_meta_evt+0x285/0x3c90 [ 424.581577][ T4202] ? hci_event_packet+0x37b/0x1370 [ 424.587129][ T4202] ? __lock_acquire+0x7d10/0x7d10 [ 424.592450][ T4202] ? hci_remote_host_features_evt+0x280/0x280 [ 424.598725][ T4202] ? __mutex_unlock_slowpath+0x1b0/0x6c0 [ 424.604490][ T4202] ? mark_lock+0x94/0x320 [ 424.608971][ T4202] ? mutex_unlock+0x10/0x10 [ 424.614224][ T4202] ? lockdep_hardirqs_on_prepare+0x409/0x770 [ 424.620554][ T4202] ? lock_chain_count+0x20/0x20 [ 424.625579][ T4202] ? __rwlock_init+0x140/0x140 [ 424.630426][ T4202] hci_event_packet+0xe48/0x1370 [ 424.635881][ T4202] ? lockdep_hardirqs_on+0x94/0x140 [ 424.641152][ T4202] ? rcu_lock_release+0x20/0x20 [ 424.646366][ T4202] ? hci_send_to_monitor+0x9c/0x4a0 [ 424.651836][ T4202] hci_rx_work+0x255/0xa10 [ 424.656429][ T4202] process_one_work+0x85f/0x1010 [ 424.661538][ T4202] ? worker_detach_from_pool+0x240/0x240 [ 424.667592][ T4202] ? lockdep_hardirqs_off+0x70/0x100 [ 424.673127][ T4202] ? _raw_spin_lock_irq+0xb7/0xf0 [ 424.678478][ T4202] ? _raw_spin_lock_irqsave+0x100/0x100 [ 424.684261][ T4202] ? wq_worker_running+0x97/0x170 [ 424.689622][ T4202] worker_thread+0xaa6/0x1290 [ 424.694551][ T4202] ? lockdep_hardirqs_on+0x94/0x140 [ 424.700350][ T4202] ? _raw_spin_unlock_irqrestore+0xc1/0x120 [ 424.706763][ T4202] kthread+0x436/0x520 [ 424.711159][ T4202] ? rcu_lock_release+0x20/0x20 [ 424.716331][ T4202] ? kthread_blkcg+0xd0/0xd0 [ 424.720983][ T4202] ret_from_fork+0x1f/0x30 [ 424.725671][ T4202] [ 424.730369][ T4202] kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 424.743809][ T4202] Bluetooth: hci0: failed to register connection device [ 424.796438][T14403] 8021q: adding VLAN 0 to HW filter on device bond4 [ 424.836966][T14405] bond4: (slave ip6erspan0): making interface the new active one [ 424.870899][T14405] bond4: (slave ip6erspan0): Enslaving as an active interface with an up link [ 424.901568][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): bond4: link becomes ready [ 425.023064][T14415] netlink: 'syz.0.3737': attribute type 10 has an invalid length. [ 425.042684][T14415] device veth0_vlan left promiscuous mode [ 425.063141][T14415] device veth0_vlan entered promiscuous mode [ 425.071195][T14415] team0: Device veth0_vlan failed to register rx_handler [ 426.027230][T14457] device batadv_slave_0 entered promiscuous mode [ 426.289927][T14470] IPVS: fo: SCTP 172.20.20.187:0 - no destination available [ 426.877017][T14499] overlayfs: failed to clone upperpath [ 426.926155][T14500] netlink: 16158 bytes leftover after parsing attributes in process `syz.4.3771'. [ 427.134630][ T26] kauditd_printk_skb: 29 callbacks suppressed [ 427.134647][ T26] audit: type=1326 audit(1773847274.051:6666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14508 comm="syz.1.3775" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1c85e40799 code=0x0 [ 427.177078][T14511] device wg1 entered promiscuous mode [ 427.877473][T14532] overlayfs: failed to clone upperpath [ 428.115070][T14539] tipc: Failed to remove unknown binding: 66,1,1/0:2669769961/2669769963 [ 428.164236][T14539] tipc: Failed to remove unknown binding: 66,1,1/0:2669769961/2669769963 [ 428.182644][T14539] tipc: Failed to remove unknown binding: 66,1,1/0:2669769961/2669769963 [ 428.278427][T14545] tipc: Cannot configure node identity twice [ 428.441813][T14554] netlink: 'syz.2.3793': attribute type 1 has an invalid length. [ 428.619774][T14554] 8021q: adding VLAN 0 to HW filter on device bond5 [ 428.765833][T14555] bond5: (slave ip6gretap1): making interface the new active one [ 428.821505][T14555] bond5: (slave ip6gretap1): Enslaving as an active interface with an up link [ 428.848802][ T4278] IPv6: ADDRCONF(NETDEV_CHANGE): bond5: link becomes ready [ 429.592609][T14590] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3804'. [ 429.719010][T14590] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3804'. [ 432.225235][T14631] IPVS: fo: SCTP 172.20.20.187:0 - no destination available [ 432.550324][T14640] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3820'. [ 432.677409][T14645] device bond0 entered promiscuous mode [ 432.942343][T14662] netlink: 64 bytes leftover after parsing attributes in process `syz.1.3827'. [ 433.310024][T14680] device veth0 entered promiscuous mode [ 433.508782][T14680] device veth0 left promiscuous mode [ 435.553356][T14715] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3844'. [ 435.655045][T14717] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3846'. [ 436.056198][T14719] bond5: (slave veth21): Enslaving as an active interface with a down link [ 436.310538][T14746] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3854'. [ 436.699008][T14768] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3861'. [ 439.918390][T14824] 8021q: adding VLAN 0 to HW filter on device ipvlan2 [ 440.109454][T14836] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3887'. [ 440.315393][ T1422] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.322712][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.696201][T14859] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3896'. [ 440.875345][T14862] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 441.273409][T14878] 9pnet: p9_errstr2errno: server reported unknown error n$Ž[ [ 441.273409][T14878] Q&|xùX [ 441.580522][T14887] netlink: 52 bytes leftover after parsing attributes in process `syz.2.3907'. [ 441.703578][T14893] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3910'. [ 441.764630][T14892] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 444.277168][T14941] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3926'. [ 445.649405][T14956] 9pnet: Insufficient options for proto=fd [ 446.988689][T14976] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3939'. [ 447.056043][T14975] Process accounting resumed [ 448.793713][T15014] tipc: Enabling of bearer rejected, failed to enable media [ 450.393814][T15070] overlayfs: failed to clone upperpath [ 453.800401][T15161] tipc: Failed to remove unknown binding: 66,0,0/1648496653:4187290423/4187290424 [ 453.856800][T15161] tipc: Failed to remove unknown binding: 66,0,0/1648496653:4187290423/4187290424 [ 454.065198][T15168] netlink: 44 bytes leftover after parsing attributes in process `syz.4.3999'. [ 454.204165][T15172] overlayfs: failed to clone upperpath [ 454.375651][T15179] device gre0 entered promiscuous mode [ 454.571081][T15187] bond0: ARP monitoring cannot be used with MII monitoring [ 455.802164][ T26] audit: type=1326 audit(2000000005.080:6667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15238 comm="syz.0.4022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ec09d7799 code=0x7ffc0000 [ 455.872536][ T26] audit: type=1326 audit(2000000005.120:6668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15238 comm="syz.0.4022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3ec09d742b code=0x7ffc0000 [ 455.959594][ T26] audit: type=1326 audit(2000000005.120:6669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15238 comm="syz.0.4022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3ec09d742b code=0x7ffc0000 [ 456.026306][ T26] audit: type=1326 audit(2000000005.120:6670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15238 comm="syz.0.4022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3ec09d742b code=0x7ffc0000 [ 456.192590][ T26] audit: type=1326 audit(2000000005.120:6671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15238 comm="syz.0.4022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3ec09d742b code=0x7ffc0000 [ 456.219944][T15251] syz.2.4026[15251] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 456.220111][T15251] syz.2.4026[15251] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 456.255358][ T26] audit: type=1326 audit(2000000005.120:6672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15238 comm="syz.0.4022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3ec09d742b code=0x7ffc0000 [ 457.089965][ T26] audit: type=1326 audit(2000000005.120:6673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15238 comm="syz.0.4022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3ec09d742b code=0x7ffc0000 [ 457.157884][ T26] audit: type=1326 audit(2000000005.120:6674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15238 comm="syz.0.4022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3ec09d742b code=0x7ffc0000 [ 457.284398][T15256] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4027'. [ 457.322603][T15256] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4027'. [ 457.333338][ T26] audit: type=1326 audit(2000000005.120:6675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15238 comm="syz.0.4022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3ec09d742b code=0x7ffc0000 [ 457.415758][ T26] audit: type=1326 audit(2000000005.120:6676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15238 comm="syz.0.4022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3ec09d742b code=0x7ffc0000 [ 457.499804][T15256] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 457.509593][T15256] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 457.519491][T15256] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 457.528536][T15256] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 460.258266][T15289] overlayfs: failed to clone upperpath [ 462.273905][T15325] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4051'. [ 463.052309][T15348] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4059'. [ 463.411527][T15360] overlayfs: failed to clone upperpath [ 464.486167][T15383] sctp: [Deprecated]: syz.4.4072 (pid 15383) Use of struct sctp_assoc_value in delayed_ack socket option. [ 464.486167][T15383] Use struct sctp_sack_info instead [ 464.629561][T15387] netlink: 52 bytes leftover after parsing attributes in process `syz.2.4074'. [ 464.667020][T15387] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4074'. [ 464.852896][T15396] IPv6: ADDRCONF(NETDEV_CHANGE): gre3: link becomes ready [ 465.261980][T15415] overlayfs: failed to clone upperpath [ 468.225385][T15450] 9pnet: Insufficient options for proto=fd [ 474.853937][T15552] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4129'. [ 475.372413][T15568] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4133'. [ 475.901187][T15581] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4139'. [ 478.573003][ T26] kauditd_printk_skb: 20 callbacks suppressed [ 478.573020][ T26] audit: type=1326 audit(2000000006.200:6697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15613 comm="syz.2.4147" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3af376a799 code=0x0 [ 479.020837][T15639] sctp: [Deprecated]: syz.1.4156 (pid 15639) Use of struct sctp_assoc_value in delayed_ack socket option. [ 479.020837][T15639] Use struct sctp_sack_info instead [ 480.671148][T15650] device ipvlan3 entered promiscuous mode [ 480.708837][T15650] team0: Device ipvlan3 failed to register rx_handler [ 480.938213][T15655] 9p: Unknown uid 18446744073709551615 [ 480.987791][T15655] overlayfs: failed to clone upperpath [ 481.459867][T15652] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4160'. [ 481.617440][T15675] bond3: (slave bridge10): making interface the new active one [ 481.670778][T15675] bond3: (slave bridge10): Enslaving as an active interface with an up link [ 483.573176][T15710] 9pnet: Insufficient options for proto=fd [ 484.700472][T15723] overlayfs: failed to clone upperpath [ 485.508519][ T26] audit: type=1326 audit(2000000013.130:6698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15731 comm="syz.3.4189" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8cbd364799 code=0x0 [ 485.606741][T15736] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4191'. [ 485.687333][T15736] device ip6gre1 entered promiscuous mode [ 485.739413][T15736] netlink: 'syz.4.4191': attribute type 6 has an invalid length. [ 485.766518][T15736] netlink: 72 bytes leftover after parsing attributes in process `syz.4.4191'. [ 486.185024][T15758] overlayfs: failed to clone upperpath [ 486.450225][T15765] PKCS8: Unsupported PKCS#8 version [ 488.622672][T15785] syz.3.4207[15785] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 488.622782][T15785] syz.3.4207[15785] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 490.700732][T15829] netlink: 'syz.1.4225': attribute type 1 has an invalid length. [ 490.836041][T15829] 8021q: adding VLAN 0 to HW filter on device bond6 [ 491.061628][T15826] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4223'. [ 491.911762][T15832] device ipip0 entered promiscuous mode [ 491.943360][T15832] 8021q: adding VLAN 0 to HW filter on device bond6 [ 491.961763][T15832] bond6: (slave ipip0): The slave device specified does not support setting the MAC address [ 491.982442][T15832] bond6: (slave ipip0): Error -95 calling set_mac_address [ 492.025515][T15845] netem: change failed [ 492.223311][T15860] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 492.250685][T15860] sch_tbf: burst 6281 is lower than device lo mtu (65550) ! [ 493.891883][T15879] ceph: No mds server is up or the cluster is laggy [ 494.079622][ T13] libceph: connect (1)[c::]:6789 error -101 [ 494.096618][ T13] libceph: mon0 (1)[c::]:6789 connect error [ 495.897397][T15923] 8021q: adding VLAN 0 to HW filter on device bond3 [ 495.978733][T15923] bond0: (slave bond3): Enslaving as an active interface with a down link [ 496.097486][T15933] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4256'. [ 496.098840][ T26] audit: type=1804 audit(2000000023.717:6699): pid=15935 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.4257" name="bus" dev="ramfs" ino=61391 res=1 errno=0 [ 496.208247][ T26] audit: type=1804 audit(2000000023.787:6700): pid=15936 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.4257" name="bus" dev="ramfs" ino=61391 res=1 errno=0 [ 499.459585][T16003] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4283'. [ 500.439447][T16049] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4298'. [ 500.708160][T16062] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4303'. [ 501.014904][T16079] overlayfs: failed to clone upperpath [ 501.748915][ T1422] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.755556][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 501.852609][T16092] device veth1_vlan entered promiscuous mode [ 501.873294][T16092] team0: Device veth1_vlan failed to register rx_handler [ 501.910030][T16094] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4313'. [ 502.220411][ T26] audit: type=1326 audit(2000000029.850:6701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16113 comm="syz.2.4324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3af376a799 code=0x7ffc0000 [ 502.273897][ T26] audit: type=1326 audit(2000000029.880:6702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16113 comm="syz.2.4324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3af376a799 code=0x7ffc0000 [ 502.325133][T16118] netlink: 'syz.2.4325': attribute type 10 has an invalid length. [ 502.335504][ T26] audit: type=1326 audit(2000000029.880:6703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16113 comm="syz.2.4324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3af376a799 code=0x7ffc0000 [ 502.381367][T16118] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 502.407945][ T26] audit: type=1326 audit(2000000029.880:6704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16113 comm="syz.2.4324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3af376a799 code=0x7ffc0000 [ 502.419380][ T4400] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 502.447808][ T26] audit: type=1326 audit(2000000029.880:6705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16113 comm="syz.2.4324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3af376a799 code=0x7ffc0000 [ 502.477900][ T4400] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 502.496127][ T26] audit: type=1326 audit(2000000029.880:6706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16113 comm="syz.2.4324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3af376a799 code=0x7ffc0000 [ 502.533304][ T26] audit: type=1326 audit(2000000029.880:6707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16113 comm="syz.2.4324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3af376a799 code=0x7ffc0000 [ 502.563747][ T26] audit: type=1326 audit(2000000029.880:6708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16113 comm="syz.2.4324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3af376a42b code=0x7ffc0000 [ 502.588491][ T26] audit: type=1326 audit(2000000029.880:6709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16113 comm="syz.2.4324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3af376a42b code=0x7ffc0000 [ 502.616175][ T26] audit: type=1326 audit(2000000029.880:6710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16113 comm="syz.2.4324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3af376a42b code=0x7ffc0000 [ 503.124568][T16141] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4329'. [ 503.833571][T16156] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4336'. [ 504.310004][T16171] netlink: 'syz.1.4341': attribute type 1 has an invalid length. [ 504.539654][T16172] 8021q: adding VLAN 0 to HW filter on device bond8 [ 504.573257][T16172] bond7: (slave bond8): making interface the new active one [ 504.601369][T16172] bond7: (slave bond8): Enslaving as an active interface with an up link [ 504.631071][T16173] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4341'. [ 504.684237][T16173] device bond7 entered promiscuous mode [ 504.743572][T16173] device bond8 entered promiscuous mode [ 504.784177][T16173] 8021q: adding VLAN 0 to HW filter on device bond7 [ 505.330119][T16190] lo: Caught tx_queue_len zero misconfig [ 505.383872][T16194] device bridge0 entered promiscuous mode [ 505.533769][T16207] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4355'. [ 505.571127][T16207] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4355'. [ 505.601299][T16213] netlink: 'syz.3.4355': attribute type 10 has an invalid length. [ 505.811598][T16220] sch_tbf: burst 32855 is lower than device lo mtu (65550) ! [ 506.799306][T16230] device bridge11 entered promiscuous mode [ 506.939439][T16230] bond4: (slave bridge11): Enslaving as an active interface with an up link [ 509.008164][T16263] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4372'. [ 510.223635][T16297] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4384'. [ 511.558453][T16340] netlink: 'syz.2.4400': attribute type 1 has an invalid length. [ 511.684111][T16346] bond6: (slave geneve3): Error -99 calling set_mac_address [ 512.402679][T16379] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4415'. [ 512.438524][T16381] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4416'. [ 513.043290][T16392] tipc: Enabling of bearer rejected, failed to enable media [ 513.748176][T16426] IPVS: fo: FWM 3 0x00000003 - no destination available [ 513.765571][T16426] IPVS: fo: FWM 3 0x00000003 - no destination available [ 513.785490][T16426] IPVS: fo: FWM 3 0x00000003 - no destination available [ 514.351452][T16447] netlink: 88 bytes leftover after parsing attributes in process `syz.4.4440'. [ 515.043431][T16463] device bond5 entered promiscuous mode [ 515.066310][T16465] device macvlan2 entered promiscuous mode [ 515.073658][T16465] bond5: (slave macvlan2): Opening slave failed [ 515.193416][T16468] overlayfs: failed to clone upperpath [ 515.504808][T16484] overlayfs: failed to clone upperpath [ 515.761376][T16498] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 515.796959][T16498] netem: change failed [ 515.858060][T16502] device ip6gretap1 entered promiscuous mode [ 515.881576][T16502] bond5: (slave ip6gretap1): no link monitoring support [ 515.903157][T16502] bond5: (slave ip6gretap1): Enslaving as an active interface with an up link [ 516.587381][T16516] overlayfs: failed to clone lowerpath [ 517.125997][T16538] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4477'. [ 517.238737][T16548] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 517.292439][T16541] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4476'. [ 518.147181][T16559] lo speed is unknown, defaulting to 1000 [ 518.221551][T16559] lo speed is unknown, defaulting to 1000 [ 518.283496][T16559] lo speed is unknown, defaulting to 1000 [ 518.383905][T16559] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 518.541050][T16559] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 518.731535][T16559] lo speed is unknown, defaulting to 1000 [ 518.780934][T16559] lo speed is unknown, defaulting to 1000 [ 518.808417][T16559] lo speed is unknown, defaulting to 1000 [ 518.837437][T16559] lo speed is unknown, defaulting to 1000 [ 518.859983][T16559] lo speed is unknown, defaulting to 1000 [ 520.591893][T16592] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4494'. [ 521.698841][T16613] lo speed is unknown, defaulting to 1000 [ 526.962449][ T26] kauditd_printk_skb: 40 callbacks suppressed [ 526.962467][ T26] audit: type=1326 audit(2000000015.460:6751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16684 comm="syz.2.4529" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3af376a799 code=0x0 [ 527.056716][ T26] audit: type=1326 audit(2000000015.540:6752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16684 comm="syz.2.4529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3af376a799 code=0x7ffc0000 [ 527.165338][ T26] audit: type=1326 audit(2000000015.540:6753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16684 comm="syz.2.4529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3af376a799 code=0x7ffc0000 [ 527.283345][ T26] audit: type=1326 audit(2000000015.540:6754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16684 comm="syz.2.4529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3af376a799 code=0x7ffc0000 [ 527.363904][ T26] audit: type=1326 audit(2000000015.540:6755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16684 comm="syz.2.4529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3af376a799 code=0x7ffc0000 [ 527.481958][ T26] audit: type=1326 audit(2000000015.550:6756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16684 comm="syz.2.4529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f3af376a799 code=0x7ffc0000 [ 527.585926][ T26] audit: type=1326 audit(2000000015.550:6757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16684 comm="syz.2.4529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3af376a799 code=0x7ffc0000 [ 527.651464][ T26] audit: type=1326 audit(2000000015.550:6758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16684 comm="syz.2.4529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3af376a799 code=0x7ffc0000 [ 527.767676][ T26] audit: type=1326 audit(2000000015.550:6759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16684 comm="syz.2.4529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3af376a799 code=0x7ffc0000 [ 527.830054][ T26] audit: type=1326 audit(2000000015.550:6760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16684 comm="syz.2.4529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3af376a799 code=0x7ffc0000 [ 529.406794][T16725] overlayfs: failed to clone upperpath [ 529.794862][T16741] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4548'. [ 531.389607][T16774] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4557'. [ 531.427229][T16773] netlink: 'syz.1.4558': attribute type 7 has an invalid length. [ 532.868102][T16803] netlink: 'syz.4.4569': attribute type 1 has an invalid length. [ 532.979888][T16808] bond4: (slave bridge12): making interface the new active one [ 533.032665][T16808] bond4: (slave bridge12): Enslaving as an active interface with an up link [ 533.052774][T16811] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4571'. [ 533.101760][T16811] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4571'. [ 536.432217][T16863] sch_tbf: burst 19360 is lower than device lo mtu (65550) ! [ 537.159149][T16869] overlayfs: failed to clone upperpath [ 539.099441][T16888] device batadv_slave_0 left promiscuous mode [ 539.147927][T16888] device team1 left promiscuous mode [ 539.169458][T16888] device team2 left promiscuous mode [ 540.383448][T16888] netdevsim netdevsim0 eth0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 540.392922][T16888] netdevsim netdevsim0 eth1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 540.403167][T16888] netdevsim netdevsim0 eth2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 540.412797][T16888] netdevsim netdevsim0 eth3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 541.633828][T16888] device ip6gretap1 left promiscuous mode [ 542.339596][T16948] netlink: 'syz.4.4616': attribute type 4 has an invalid length. [ 542.454677][T16948] netlink: 'syz.4.4616': attribute type 4 has an invalid length. [ 544.435381][T16990] 8021q: adding VLAN 0 to HW filter on device bond6 [ 545.327106][T17004] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4635'. [ 545.456711][T17013] sch_tbf: burst 19360 is lower than device lo mtu (11337746) ! [ 552.437820][T17190] overlayfs: failed to clone upperpath [ 552.622144][T17198] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 552.685833][T17200] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4697'. [ 552.969499][T17214] netlink: 182 bytes leftover after parsing attributes in process `syz.2.4703'. [ 553.579320][T17225] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4707'. [ 553.705515][T17228] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4709'. [ 553.922260][ T26] kauditd_printk_skb: 60 callbacks suppressed [ 553.922276][ T26] audit: type=1326 audit(2000000298.421:6821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17240 comm="syz.4.4714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b2179f799 code=0x7ffc0000 [ 553.994899][ T26] audit: type=1326 audit(2000000298.421:6822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17240 comm="syz.4.4714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b2179f799 code=0x7ffc0000 [ 554.055546][ T26] audit: type=1326 audit(2000000298.421:6823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17240 comm="syz.4.4714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b2179f799 code=0x7ffc0000 [ 554.161919][ T26] audit: type=1326 audit(2000000298.421:6824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17240 comm="syz.4.4714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b2179f799 code=0x7ffc0000 [ 554.299173][ T26] audit: type=1326 audit(2000000298.421:6825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17240 comm="syz.4.4714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f0b2179f799 code=0x7ffc0000 [ 554.379652][ T26] audit: type=1326 audit(2000000298.451:6826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17240 comm="syz.4.4714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b2179f799 code=0x7ffc0000 [ 554.452267][ T26] audit: type=1326 audit(2000000298.451:6827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17240 comm="syz.4.4714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b2179f799 code=0x7ffc0000 [ 554.497512][ T26] audit: type=1326 audit(2000000298.451:6828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17240 comm="syz.4.4714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b2179f799 code=0x7ffc0000 [ 554.561658][ T26] audit: type=1326 audit(2000000298.451:6829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17240 comm="syz.4.4714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=129 compat=0 ip=0x7f0b2179f799 code=0x7ffc0000 [ 554.597582][ T26] audit: type=1326 audit(2000000298.451:6830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17240 comm="syz.4.4714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b2179f799 code=0x7ffc0000 [ 555.659714][T17290] netlink: 'syz.0.4725': attribute type 10 has an invalid length. [ 557.759546][T17316] bond4: (slave ip6erspan0): Releasing active interface [ 557.801875][T17316] bond5: (slave ip6gretap1): Releasing backup interface [ 559.922329][T17348] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4746'. [ 560.718235][T17356] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4749'. [ 562.303017][T17391] fuse: Bad value for 'fd' [ 563.091781][T17402] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4762'. [ 563.184596][ T1422] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.191725][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 563.203850][T17402] 8021q: adding VLAN 0 to HW filter on device bond6 [ 564.426552][T17436] overlayfs: failed to clone upperpath [ 564.515308][T17434] tipc: Enabling of bearer rejected, already enabled [ 564.559687][T17434] tipc: Enabled bearer , priority 0 [ 565.690562][T17449] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4778'. [ 565.721244][T17449] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4778'. [ 565.979076][T17453] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4778'. [ 565.994417][T17453] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4778'. [ 566.384109][T17457] netlink: 'syz.1.4779': attribute type 1 has an invalid length. [ 566.470299][T17457] 8021q: adding VLAN 0 to HW filter on device bond9 [ 566.479679][T17461] netlink: 'syz.4.4782': attribute type 15 has an invalid length. [ 566.694012][T17464] bond9: (slave gretap1): Enslaving as an active interface with an up link [ 566.788741][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): bond9: link becomes ready [ 570.578787][T17511] netlink: 'syz.1.4805': attribute type 4 has an invalid length. [ 570.746434][T17520] netlink: 'syz.1.4805': attribute type 4 has an invalid length. [ 572.551721][T17542] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4800'. [ 575.390164][T17585] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 576.355103][T17588] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4822'. [ 578.889140][T17608] netlink: 104 bytes leftover after parsing attributes in process `syz.4.4829'. [ 578.925744][T17616] netlink: 'syz.3.4831': attribute type 10 has an invalid length. [ 579.436930][T17637] bond0: (slave bond3): Releasing backup interface [ 579.603557][T17637] bond4: (slave bridge12): Releasing active interface [ 579.755234][T17640] team0: Failed to send options change via netlink (err -105) [ 579.838059][T17640] team0: Mode changed to "loadbalance" [ 579.870813][T17648] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4842'. [ 579.901680][T17648] (unnamed net_device) (uninitialized): peer notification delay (2365) is not a multiple of miimon (4), value rounded to 2364 ms [ 580.000177][T17650] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4842'. [ 580.010945][T17650] bond10: peer notification delay (2365) is not a multiple of miimon (4), value rounded to 2364 ms [ 581.887406][T17686] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4854'. [ 584.734111][T17708] lo speed is unknown, defaulting to 1000 [ 585.263840][T17732] bond11: (slave ip6gretap1): no link monitoring support [ 585.275209][T17732] bond11: (slave ip6gretap1): MII and ETHTOOL support not available for slave, and arp_interval/arp_ip_target module parameters not specified, thus bonding will not detect link failures! see bonding.txt for details [ 585.298808][T17732] bond11: (slave ip6gretap1): Enslaving as an active interface with an up link [ 585.568944][T17751] netlink: 'syz.3.4873': attribute type 4 has an invalid length. [ 586.115839][T17761] netlink: 'syz.1.4879': attribute type 16 has an invalid length. [ 586.165492][T17761] netlink: 'syz.1.4879': attribute type 17 has an invalid length. [ 586.227427][T17761] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready [ 586.290804][T17761] IPv6: ADDRCONF(NETDEV_CHANGE): gre0: link becomes ready [ 586.375106][T17761] IPv6: ADDRCONF(NETDEV_CHANGE): gretap0: link becomes ready [ 586.471121][T17761] device erspan0 left promiscuous mode [ 586.530494][T17761] IPv6: ADDRCONF(NETDEV_CHANGE): erspan0: link becomes ready [ 586.623802][T17761] IPv6: ADDRCONF(NETDEV_CHANGE): ip_vti0: link becomes ready [ 586.666703][T17761] IPv6: ADDRCONF(NETDEV_CHANGE): ip6_vti0: link becomes ready [ 586.759565][T17761] IPv6: ADDRCONF(NETDEV_CHANGE): sit0: link becomes ready [ 586.904602][T17761] IPv6: ADDRCONF(NETDEV_CHANGE): ip6tnl0: link becomes ready [ 587.038079][T17761] IPv6: ADDRCONF(NETDEV_CHANGE): ip6gre0: link becomes ready [ 587.175698][T17761] IPv6: ADDRCONF(NETDEV_CHANGE): ip6gretap0: link becomes ready [ 587.462525][T17761] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 587.606981][T17761] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 587.812772][T17761] 8021q: adding VLAN 0 to HW filter on device team0 [ 588.112530][T17761] IPv6: ADDRCONF(NETDEV_CHANGE): dummy0: link becomes ready [ 588.140831][T17761] IPv6: ADDRCONF(NETDEV_CHANGE): nlmon0: link becomes ready [ 588.178490][T17761] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 588.297900][T17794] overlayfs: failed to clone upperpath [ 588.748649][T17810] syz.1.4900 (17810): attempted to duplicate a private mapping with mremap. This is not supported. [ 589.405896][T17830] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4903'. [ 591.435989][T17838] team0: Mode changed to "loadbalance" [ 592.783811][T17873] netlink: 'syz.4.4921': attribute type 4 has an invalid length. [ 594.410753][T17879] lo speed is unknown, defaulting to 1000 [ 594.505267][T17891] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check. [ 596.537687][T17928] netlink: 'syz.1.4938': attribute type 1 has an invalid length. [ 596.777105][T17928] bond12: (slave gretap2): making interface the new active one [ 596.792680][T17928] bond12: (slave gretap2): Enslaving as an active interface with an up link [ 597.768874][T17940] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4941'. [ 597.797491][T17933] bond12: (slave vlan5): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened) [ 598.089253][T17949] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 598.396127][T17956] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4946'. [ 598.525976][T17958] 8021q: adding VLAN 0 to HW filter on device bond7 [ 599.191183][ C0] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 600.235468][T17987] netlink: 'syz.0.4958': attribute type 1 has an invalid length. [ 600.252789][T17988] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4959'. [ 600.484118][T17989] bond7: (slave gretap2): making interface the new active one [ 600.502741][T17989] bond7: (slave gretap2): Enslaving as an active interface with an up link [ 600.559424][T17993] bond7: (slave vlan3): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened) [ 602.923713][T18033] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4971'. [ 603.075304][T18043] tipc: Failed to remove unknown binding: 66,0,0/2126:639054525/639054527 [ 604.988428][T18066] netlink: 'syz.2.4980': attribute type 1 has an invalid length. [ 605.647838][T18072] bond7: (slave gretap2): making interface the new active one [ 606.201517][T18072] bond7: (slave gretap2): Enslaving as an active interface with an up link [ 606.291164][T18079] bond7: (slave vlan3): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened) [ 609.620476][T14407] Bluetooth: Wrong link type (-71) [ 609.762025][T18131] overlayfs: failed to clone upperpath [ 609.993959][T18140] netlink: 'syz.3.5002': attribute type 1 has an invalid length. [ 610.292153][T18140] bond8: (slave gretap1): making interface the new active one [ 610.345941][T18140] bond8: (slave gretap1): Enslaving as an active interface with an up link [ 610.532547][T18150] bond8: (slave vlan3): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened) [ 612.133367][T18175] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5015'. [ 612.262347][T18184] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5017'. [ 613.694434][T18205] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5025'. [ 613.789401][T18209] overlayfs: failed to clone upperpath [ 614.976334][T18220] 8021q: adding VLAN 0 to HW filter on device bond8 [ 615.088678][T18222] bond8: (slave macvlan5): Error -22 calling dev_set_mtu [ 615.178672][T18238] tipc: Started in network mode [ 615.185054][T18238] tipc: Node identity ac1414aa, cluster identity 4711 [ 615.193794][T18238] tipc: Enabling of bearer rejected, failed to enable media [ 617.891069][T18282] netlink: 'syz.3.5050': attribute type 21 has an invalid length. [ 617.936974][T18282] netlink: 'syz.3.5050': attribute type 6 has an invalid length. [ 617.966699][T18282] netlink: 132 bytes leftover after parsing attributes in process `syz.3.5050'. [ 618.234790][T18298] netlink: 'syz.3.5055': attribute type 1 has an invalid length. [ 618.575195][T18317] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 618.618148][T18319] bond3: (slave bridge10): Releasing active interface [ 618.630935][T18319] bond4: (slave bridge11): Releasing backup interface [ 618.645280][T18319] bond8: (slave gretap1): Releasing active interface [ 618.705785][T18319] team0: Mode changed to "broadcast" [ 618.714971][T18319] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5064'. [ 621.063255][T18343] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5071'. [ 621.181695][T18347] netlink: 1319 bytes leftover after parsing attributes in process `syz.1.5074'. [ 621.371098][T14407] Bluetooth: Wrong link type (-71) [ 621.616330][T18379] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5086'. [ 623.297039][T18392] bond0: (slave wlan1): Releasing backup interface [ 623.382638][T18392] bond5: (slave ip6gretap1): Releasing active interface [ 623.418615][T18392] bond7: (slave gretap2): Releasing active interface [ 623.497407][T18400] team0: Mode changed to "broadcast" [ 623.548609][T18401] netlink: 'syz.4.5090': attribute type 10 has an invalid length. [ 623.574539][T18402] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5088'. [ 624.194230][T18440] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 624.227497][T18440] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING [ 624.358982][T18444] netlink: 'syz.2.5105': attribute type 1 has an invalid length. [ 624.398029][T18444] 8021q: adding VLAN 0 to HW filter on device bond9 [ 624.418818][T18447] bond7: option mode: unable to set because the bond device is up [ 624.434507][T18447] bond7: (slave batadv_slave_1): making interface the new active one [ 624.453105][T18447] bond7: (slave batadv_slave_1): Enslaving as an active interface with an up link [ 624.471561][T17871] IPv6: ADDRCONF(NETDEV_CHANGE): bond7: link becomes ready [ 624.531946][T18444] bond9: (slave gretap3): Enslaving as an active interface with an up link [ 624.550084][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): bond9: link becomes ready [ 624.622988][ T1422] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.630094][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 625.024695][T18464] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5110'. [ 626.491147][T18482] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 626.583445][T18482] bond5: (slave veth21): Releasing active interface [ 626.631379][T18482] bond7: (slave bond8): Releasing backup interface [ 626.638377][T18482] device bond8 left promiscuous mode [ 626.695467][T18482] bond9: (slave gretap1): Releasing backup interface [ 626.737316][T18482] bond11: (slave ip6gretap1): Releasing backup interface [ 626.776721][T18482] bond12: (slave gretap2): Releasing active interface [ 626.826580][T18481] netlink: 'syz.0.5126': attribute type 15 has an invalid length. [ 627.082483][T18483] team0: Mode changed to "broadcast" [ 627.100724][T18484] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5116'. [ 627.432100][T18497] overlayfs: failed to clone upperpath [ 627.886884][T18529] netlink: 'syz.1.5134': attribute type 15 has an invalid length. [ 627.952612][T18529] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 629.255935][ T26] kauditd_printk_skb: 14 callbacks suppressed [ 629.255952][ T26] audit: type=1326 audit(2000000373.753:6845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18534 comm="syz.0.5137" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3ec09d7799 code=0x0 [ 629.331307][T18545] netlink: 104 bytes leftover after parsing attributes in process `syz.3.5139'. [ 629.686074][T18568] team0: Mode changed to "broadcast" [ 629.699883][T18568] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5147'. [ 633.193878][T18598] netlink: 'syz.2.5152': attribute type 15 has an invalid length. [ 633.308760][T18595] netlink: 104 bytes leftover after parsing attributes in process `syz.1.5155'. [ 634.553088][T18620] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 635.516382][T18631] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING [ 635.578141][ T26] audit: type=1326 audit(2000000380.074:6846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18635 comm="syz.4.5172" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0b2179f799 code=0x0 [ 636.376253][T18643] sctp: [Deprecated]: syz.1.5175 (pid 18643) Use of struct sctp_assoc_value in delayed_ack socket option. [ 636.376253][T18643] Use struct sctp_sack_info instead [ 638.299032][T18672] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 639.492824][T18687] netlink: 88 bytes leftover after parsing attributes in process `syz.2.5190'. [ 640.564741][T18705] netem: change failed [ 641.555791][T18737] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 642.676544][T18745] netlink: 'syz.3.5208': attribute type 15 has an invalid length. [ 643.719971][ T26] audit: type=1326 audit(2000000388.225:6847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18770 comm="syz.3.5217" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8cbd364799 code=0x0 [ 644.037810][T18783] netlink: 'syz.4.5222': attribute type 16 has an invalid length. [ 644.101655][T18784] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 644.578535][T18783] netlink: 'syz.4.5222': attribute type 17 has an invalid length. [ 644.948930][T18783] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 644.958846][T18783] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 644.969613][T18783] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready [ 645.008059][T18783] device gre0 left promiscuous mode [ 645.035775][T18783] IPv6: ADDRCONF(NETDEV_CHANGE): gretap0: link becomes ready [ 645.070245][T18783] IPv6: ADDRCONF(NETDEV_CHANGE): erspan0: link becomes ready [ 645.094290][T18783] IPv6: ADDRCONF(NETDEV_CHANGE): ip_vti0: link becomes ready [ 645.125037][T18783] IPv6: ADDRCONF(NETDEV_CHANGE): ip6_vti0: link becomes ready [ 645.157946][T18783] IPv6: ADDRCONF(NETDEV_CHANGE): sit0: link becomes ready [ 645.192401][T18783] IPv6: ADDRCONF(NETDEV_CHANGE): ip6tnl0: link becomes ready [ 645.247132][T18783] IPv6: ADDRCONF(NETDEV_CHANGE): ip6gre0: link becomes ready [ 645.256700][T18783] IPv6: ADDRCONF(NETDEV_CHANGE): ip6gretap0: link becomes ready [ 645.266597][T18783] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 645.307295][T18783] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 645.319434][T18783] IPv6: ADDRCONF(NETDEV_CHANGE): dummy0: link becomes ready [ 645.332460][T18783] IPv6: ADDRCONF(NETDEV_CHANGE): nlmon0: link becomes ready [ 645.848040][T18783] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 646.035582][T18799] netlink: 'syz.1.5228': attribute type 15 has an invalid length. [ 646.048008][T18799] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 646.134395][T18808] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 646.161505][T18808] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 646.181852][T18808] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 647.393848][T18827] sch_fq: defrate 53322 ignored. [ 647.605277][T18842] netlink: 'syz.0.5242': attribute type 16 has an invalid length. [ 647.628597][T18842] netlink: 'syz.0.5242': attribute type 17 has an invalid length. [ 647.656307][T18842] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 647.665685][T18842] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready [ 647.675320][T18842] IPv6: ADDRCONF(NETDEV_CHANGE): gre0: link becomes ready [ 647.702452][T18842] device gretap0 left promiscuous mode [ 647.736592][T18842] IPv6: ADDRCONF(NETDEV_CHANGE): gretap0: link becomes ready [ 647.767530][T18842] IPv6: ADDRCONF(NETDEV_CHANGE): erspan0: link becomes ready [ 647.795611][T18842] IPv6: ADDRCONF(NETDEV_CHANGE): ip_vti0: link becomes ready [ 647.813504][T18842] IPv6: ADDRCONF(NETDEV_CHANGE): ip6_vti0: link becomes ready [ 647.827152][T18842] IPv6: ADDRCONF(NETDEV_CHANGE): sit0: link becomes ready [ 647.857664][T18842] IPv6: ADDRCONF(NETDEV_CHANGE): ip6tnl0: link becomes ready [ 647.877099][T18842] IPv6: ADDRCONF(NETDEV_CHANGE): ip6gre0: link becomes ready [ 647.904351][T18842] IPv6: ADDRCONF(NETDEV_CHANGE): ip6gretap0: link becomes ready [ 647.923871][T18842] 8021q: adding VLAN 0 to HW filter on device bond0 [ 647.935478][T18842] 8021q: adding VLAN 0 to HW filter on device team0 [ 647.950746][T18842] IPv6: ADDRCONF(NETDEV_CHANGE): dummy0: link becomes ready [ 647.964219][T18842] IPv6: ADDRCONF(NETDEV_CHANGE): dummy0: link becomes ready [ 647.973639][T18842] IPv6: ADDRCONF(NETDEV_CHANGE): nlmon0: link becomes ready [ 647.987920][T18842] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 648.016068][ T4589] lo speed is unknown, defaulting to 1000 [ 648.027576][T18857] bond5: (slave batadv_slave_1): Enslaving as a backup interface with a down link [ 649.559818][T18896] sock: sock_set_timeout: `syz.2.5259' (pid 18896) tries to set negative timeout [ 649.664436][T18898] overlayfs: failed to clone upperpath [ 649.726550][T18903] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5263'. [ 649.779447][T18900] netlink: 'syz.3.5262': attribute type 16 has an invalid length. [ 649.806786][T18900] netlink: 'syz.3.5262': attribute type 17 has an invalid length. [ 649.825248][T18900] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 649.845903][T18900] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 649.856087][T18900] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready [ 649.870607][T18900] IPv6: ADDRCONF(NETDEV_CHANGE): gre0: link becomes ready [ 649.882586][T18900] device gretap0 left promiscuous mode [ 649.907939][T18900] IPv6: ADDRCONF(NETDEV_CHANGE): gretap0: link becomes ready [ 649.946361][T18900] IPv6: ADDRCONF(NETDEV_CHANGE): erspan0: link becomes ready [ 649.970595][T18900] IPv6: ADDRCONF(NETDEV_CHANGE): ip_vti0: link becomes ready [ 650.002485][T18900] IPv6: ADDRCONF(NETDEV_CHANGE): ip6_vti0: link becomes ready [ 650.018230][T18900] IPv6: ADDRCONF(NETDEV_CHANGE): sit0: link becomes ready [ 650.038532][T18900] IPv6: ADDRCONF(NETDEV_CHANGE): ip6tnl0: link becomes ready [ 650.048547][T18900] IPv6: ADDRCONF(NETDEV_CHANGE): ip6gre0: link becomes ready [ 650.064256][T18900] IPv6: ADDRCONF(NETDEV_CHANGE): ip6gretap0: link becomes ready [ 650.076553][T18900] IPv6: ADDRCONF(NETDEV_CHANGE): dummy0: link becomes ready [ 650.109669][T18900] IPv6: ADDRCONF(NETDEV_CHANGE): nlmon0: link becomes ready [ 650.125160][T18900] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 650.158565][T18909] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5263'. [ 650.213688][T18911] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5264'. [ 650.279155][T18911] IPv6: ADDRCONF(NETDEV_CHANGE): gre3: link becomes ready [ 652.092553][T18937] tipc: Failed to remove unknown binding: 66,0,0/1648496653:828788551/828788553 [ 652.131448][T18937] tipc: Failed to remove unknown binding: 66,0,0/1648496653:828788551/828788552 [ 652.168580][T18937] tipc: Failed to remove unknown binding: 66,0,0/1648496653:828788551/828788553 [ 652.237458][T18937] tipc: Failed to remove unknown binding: 66,0,0/1648496653:828788551/828788552 [ 652.488086][T18958] netlink: 'syz.2.5277': attribute type 16 has an invalid length. [ 652.504486][T18958] netlink: 'syz.2.5277': attribute type 17 has an invalid length. [ 652.515345][T18958] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 652.552790][T18958] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready [ 652.577908][T18961] tipc: Failed to remove unknown binding: 66,0,0/1648496653:92973358/92973360 [ 652.600435][T18958] IPv6: ADDRCONF(NETDEV_CHANGE): gre0: link becomes ready [ 652.622809][T18961] tipc: Failed to remove unknown binding: 66,0,0/1648496653:92973358/92973359 [ 652.647909][T18961] tipc: Failed to remove unknown binding: 66,0,0/1648496653:92973358/92973360 [ 652.658057][T18961] tipc: Failed to remove unknown binding: 66,0,0/1648496653:92973358/92973359 [ 652.678518][T18958] IPv6: ADDRCONF(NETDEV_CHANGE): gretap0: link becomes ready [ 652.692820][T18958] device erspan0 left promiscuous mode [ 652.709036][T18958] IPv6: ADDRCONF(NETDEV_CHANGE): erspan0: link becomes ready [ 652.751488][T18958] IPv6: ADDRCONF(NETDEV_CHANGE): ip_vti0: link becomes ready [ 652.992050][T18958] IPv6: ADDRCONF(NETDEV_CHANGE): ip6_vti0: link becomes ready [ 653.241591][T18958] IPv6: ADDRCONF(NETDEV_CHANGE): sit0: link becomes ready [ 653.457778][T18958] IPv6: ADDRCONF(NETDEV_CHANGE): ip6tnl0: link becomes ready [ 653.551802][T18958] IPv6: ADDRCONF(NETDEV_CHANGE): ip6gre0: link becomes ready [ 653.562090][T18958] IPv6: ADDRCONF(NETDEV_CHANGE): ip6gretap0: link becomes ready [ 653.574502][T18958] 8021q: adding VLAN 0 to HW filter on device bond0 [ 653.585059][T18958] IPv6: ADDRCONF(NETDEV_CHANGE): dummy0: link becomes ready [ 653.595348][T18958] IPv6: ADDRCONF(NETDEV_CHANGE): nlmon0: link becomes ready [ 653.606068][T18958] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 656.572728][T19021] netlink: 'syz.3.5299': attribute type 16 has an invalid length. [ 656.622733][T19021] netlink: 'syz.3.5299': attribute type 17 has an invalid length. [ 656.874408][T19021] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 656.896501][T19021] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 657.462074][T19021] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 657.676725][T19040] netlink: 'syz.2.5309': attribute type 15 has an invalid length. [ 658.723918][T19062] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5317'. [ 658.744409][T19062] device ip6gre1 entered promiscuous mode [ 658.775793][T19062] netlink: 'syz.2.5317': attribute type 6 has an invalid length. [ 658.809531][T19062] netlink: 72 bytes leftover after parsing attributes in process `syz.2.5317'. [ 658.896814][T19070] xt_CHECKSUM: unsupported CHECKSUM operation 68 [ 659.876819][ T26] audit: type=1326 audit(2000000404.376:6848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19069 comm="syz.2.5318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3af376a799 code=0x7ffc0000 [ 659.950269][ T26] audit: type=1326 audit(2000000404.416:6849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19069 comm="syz.2.5318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=98 compat=0 ip=0x7f3af376a799 code=0x7ffc0000 [ 660.033846][ T26] audit: type=1326 audit(2000000404.416:6850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19069 comm="syz.2.5318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3af376a799 code=0x7ffc0000 [ 660.065748][ T26] audit: type=1326 audit(2000000404.416:6851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19069 comm="syz.2.5318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f3af376a799 code=0x7ffc0000 [ 660.145948][ T26] audit: type=1326 audit(2000000404.416:6852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19069 comm="syz.2.5318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3af376a799 code=0x7ffc0000 [ 662.013060][T19112] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5329'. [ 663.848241][ T26] audit: type=1804 audit(2000000408.346:6853): pid=19141 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.5335" name="file0" dev="hugetlbfs" ino=69364 res=1 errno=0 [ 664.075910][ T26] audit: type=1804 audit(2000000408.416:6854): pid=19141 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.5335" name="file0" dev="hugetlbfs" ino=69364 res=1 errno=0 [ 671.306784][T19203] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5361'. [ 671.437703][T19199] bond5: (slave ip6gretap1): Enslaving as an active interface with an up link [ 671.503299][T19201] bond5 (unregistering): (slave ip6gretap1): Releasing backup interface [ 671.539580][T19201] bond5 (unregistering): Released all slaves [ 671.688075][T19211] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5362'. [ 671.738315][T19209] overlayfs: failed to clone upperpath [ 672.093773][T19209] overlayfs: failed to clone upperpath [ 673.027361][T19228] device bridge9 entered promiscuous mode [ 675.092391][T19246] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 675.099997][T19246] IPv6: NLM_F_CREATE should be set when creating new route [ 675.737053][T19261] overlayfs: failed to clone upperpath [ 676.031978][T19261] overlayfs: failed to clone upperpath [ 676.138780][T19264] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5379'. [ 677.120494][T19276] netlink: 52 bytes leftover after parsing attributes in process `syz.1.5384'. [ 677.138410][T19276] netlink: 76 bytes leftover after parsing attributes in process `syz.1.5384'. [ 677.167039][T19276] netlink: 52 bytes leftover after parsing attributes in process `syz.1.5384'. [ 682.005495][T19318] bond0 speed is unknown, defaulting to 1000 [ 682.005756][T19318] bond0 speed is unknown, defaulting to 1000 [ 682.017560][T19318] bond0 speed is unknown, defaulting to 1000 [ 682.024605][T19318] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 682.040122][T19324] device bridge0 entered promiscuous mode [ 682.095140][T19329] netlink: 14 bytes leftover after parsing attributes in process `syz.1.5399'. [ 682.184418][T19318] bond0 speed is unknown, defaulting to 1000 [ 682.207160][T19318] bond0 speed is unknown, defaulting to 1000 [ 682.220941][T19318] bond0 speed is unknown, defaulting to 1000 [ 682.244959][T19318] bond0 speed is unknown, defaulting to 1000 [ 682.252436][T19318] bond0 speed is unknown, defaulting to 1000 [ 685.931089][ T26] audit: type=1804 audit(4147484078.433:6855): pid=19413 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.5427" name="file0" dev="hugetlbfs" ino=69629 res=1 errno=0 [ 686.137978][ T1422] ieee802154 phy0 wpan0: encryption failed: -22 [ 686.149976][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 686.167108][ T26] audit: type=1804 audit(4147484078.463:6856): pid=19413 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.5427" name="file0" dev="hugetlbfs" ino=69629 res=1 errno=0 [ 687.041898][ T26] audit: type=1804 audit(4147484079.543:6857): pid=19424 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.5431" name="bus" dev="ramfs" ino=70346 res=1 errno=0 [ 688.078145][ T26] audit: type=1804 audit(4147484079.543:6858): pid=19424 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.5431" name="bus" dev="ramfs" ino=70346 res=1 errno=0 [ 688.162305][T19433] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5434'. [ 688.616628][T19436] 9p filesystem being mounted at /1074/file0 supports timestamps until 2106-02-07 (0xffffffff) [ 689.765222][T19454] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5441'. [ 689.934314][T19454] (unnamed net_device) (uninitialized): Invalid ad_actor_system MAC address. [ 689.969029][T19454] (unnamed net_device) (uninitialized): option ad_actor_system: invalid value (68719607821) [ 691.367548][T19472] device bridge17 entered promiscuous mode [ 691.398964][T19472] bond9: (slave bridge17): making interface the new active one [ 691.427047][T19472] bond9: (slave bridge17): Enslaving as an active interface with an up link [ 691.845199][T19484] xt_hashlimit: size too large, truncated to 1048576 [ 691.868632][T19484] xt_hashlimit: invalid rate [ 691.983439][T19488] sctp: [Deprecated]: syz.2.5454 (pid 19488) Use of int in max_burst socket option. [ 691.983439][T19488] Use struct sctp_assoc_value instead [ 692.473790][T19510] sch_tbf: burst 2 is lower than device lo mtu (1294) ! [ 692.497419][T19510] sch_tbf: burst 2 is lower than device lo mtu (1294) ! [ 692.505012][T19510] sch_tbf: burst 2 is lower than device lo mtu (1294) ! [ 692.556364][T19512] netlink: 40 bytes leftover after parsing attributes in process `syz.3.5464'. [ 692.582539][T19512] netlink: 40 bytes leftover after parsing attributes in process `syz.3.5464'. [ 692.623305][T19512] netlink: 40 bytes leftover after parsing attributes in process `syz.3.5464'. [ 695.450208][T19560] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5480'. [ 695.495724][T19560] netlink: 'syz.3.5480': attribute type 7 has an invalid length. [ 695.534053][T19560] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5480'. [ 695.801601][ T26] audit: type=1804 audit(4147484088.304:6859): pid=19580 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.5496" name="bus" dev="ramfs" ino=70540 res=1 errno=0 [ 695.888773][ T26] audit: type=1804 audit(4147484088.304:6860): pid=19580 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.5496" name="bus" dev="ramfs" ino=70540 res=1 errno=0 [ 696.015068][T19563] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5481'. [ 697.295965][T19598] netlink: 16 bytes leftover after parsing attributes in process `syz.2.5490'. [ 698.376456][T19608] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5493'. [ 699.480857][T19622] device bridge0 entered promiscuous mode [ 699.743299][T19636] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 699.751087][T19636] IPv6: NLM_F_CREATE should be set when creating new route [ 701.025459][T19653] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5509'. [ 701.952531][T19669] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5517'. [ 704.069248][T19711] netlink: 'syz.3.5525': attribute type 10 has an invalid length. [ 706.717748][T19735] sch_tbf: burst 2 is lower than device lo mtu (18) ! [ 706.789153][ T26] audit: type=1804 audit(4147484099.294:6861): pid=19737 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.5534" name="bus" dev="ramfs" ino=71718 res=1 errno=0 [ 706.814634][T19739] sch_tbf: burst 2 is lower than device lo mtu (18) ! [ 706.843529][T19739] sch_tbf: burst 2 is lower than device lo mtu (18) ! [ 706.860606][ T26] audit: type=1804 audit(4147484099.314:6862): pid=19737 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.5534" name="bus" dev="ramfs" ino=71718 res=1 errno=0 [ 708.113358][T19759] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5541'. [ 709.654465][T19766] overlayfs: failed to clone upperpath [ 711.248849][T19784] MPTCP: kernel_bind error, err=-99 [ 711.966209][T19787] netlink: 'syz.1.5552': attribute type 7 has an invalid length. [ 715.205640][T19843] overlayfs: failed to clone upperpath [ 715.237654][T19851] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5570'. [ 715.281938][T19843] overlayfs: failed to clone upperpath [ 718.007202][T19896] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5585'. [ 718.072166][T19896] bridge15: port 1(veth19) entered blocking state [ 718.079239][T19896] bridge15: port 1(veth19) entered disabled state [ 718.088291][T19896] device veth19 entered promiscuous mode [ 718.095221][T19896] bridge15: port 1(veth19) entered blocking state [ 718.102101][T19896] bridge15: port 1(veth19) entered forwarding state [ 718.131561][T19905] bridge15: port 2(veth21) entered blocking state [ 718.150212][T19905] bridge15: port 2(veth21) entered disabled state [ 718.167036][T19905] device veth21 entered promiscuous mode [ 718.179366][T19905] bridge15: port 2(veth21) entered blocking state [ 718.186235][T19905] bridge15: port 2(veth21) entered forwarding state [ 718.254827][T15048] bridge15: port 1(veth19) entered disabled state [ 718.280204][T15048] bridge15: port 2(veth21) entered disabled state [ 718.419545][T19951] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5591'. [ 721.651501][T19992] netlink: 'syz.0.5603': attribute type 1 has an invalid length. [ 721.672880][T19992] 8021q: adding VLAN 0 to HW filter on device bond10 [ 721.742031][T19992] bond10: (slave gretap3): making interface the new active one [ 721.781137][T19992] bond10: (slave gretap3): Enslaving as an active interface with an up link [ 721.802567][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): bond10: link becomes ready [ 721.814651][T19992] syz.0.5603 (19992) used greatest stack depth: 18256 bytes left [ 721.939755][T20005] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5611'. [ 723.525866][T20018] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5614'. [ 725.697363][T20034] xt_policy: output policy not valid in PREROUTING and INPUT [ 726.849131][T20057] netlink: 48 bytes leftover after parsing attributes in process `syz.4.5623'. [ 730.050865][T20087] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5631'. [ 730.216763][T20098] netlink: 798 bytes leftover after parsing attributes in process `syz.0.5637'. [ 730.398768][ T26] audit: type=1326 audit(4147484122.906:6863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20106 comm="syz.4.5641" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0b2179f799 code=0x0 [ 730.497753][T20118] device ipip1 entered promiscuous mode [ 731.553838][T20145] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5650'. [ 731.914891][T20164] netlink: 'syz.3.5657': attribute type 27 has an invalid length. [ 734.039415][T20187] netlink: 'syz.0.5672': attribute type 21 has an invalid length. [ 734.092900][T20187] IPv6: NLM_F_CREATE should be specified when creating new route [ 734.140785][T20187] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 734.148143][T20187] IPv6: NLM_F_CREATE should be set when creating new route [ 734.155650][T20187] IPv6: NLM_F_CREATE should be set when creating new route [ 734.163125][T20187] IPv6: NLM_F_CREATE should be set when creating new route [ 734.313664][T20191] netlink: 'syz.0.5672': attribute type 21 has an invalid length. [ 734.321766][T20191] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 737.173548][T20228] device vlan2 entered promiscuous mode [ 737.193560][T20228] device gretap0 entered promiscuous mode [ 739.772254][T20281] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 740.402907][T20285] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5691'. [ 746.734644][T20383] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5714'. [ 746.763346][T20383] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5714'. [ 747.608646][ T1422] ieee802154 phy0 wpan0: encryption failed: -22 [ 747.615627][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 753.182498][T20481] overlayfs: failed to clone upperpath [ 753.904278][T20488] overlayfs: failed to clone upperpath [ 756.891245][T20522] fuse: Unknown parameter '4' [ 756.935090][T20522] sctp: [Deprecated]: syz.2.5753 (pid 20522) Use of int in max_burst socket option deprecated. [ 756.935090][T20522] Use struct sctp_assoc_value instead [ 757.083006][T20534] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 757.107731][ T26] audit: type=1800 audit(4147484151.609:6864): pid=20536 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.5758" name="SYSV00000000" dev="hugetlbfs" ino=2 res=0 errno=0 [ 757.352741][T20547] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5760'. [ 762.433389][T20613] netlink: 'syz.4.5787': attribute type 1 has an invalid length. [ 762.541788][T20617] bond5: (slave veth15): Enslaving as an active interface with a down link [ 762.683435][ T26] audit: type=1800 audit(4147484157.179:6865): pid=20591 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.5778" name="bus" dev="ramfs" ino=72937 res=0 errno=0 [ 762.994769][T20613] bond5: (slave dummy0): making interface the new active one [ 763.308265][T20613] bond5: (slave dummy0): Enslaving as an active interface with an up link [ 763.492700][T20620] netlink: 14 bytes leftover after parsing attributes in process `syz.4.5787'. [ 763.593435][T20620] bond5: (slave dummy0): Releasing active interface [ 763.642150][T20627] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 763.712535][T20631] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5791'. [ 766.105370][T20684] bond5: (slave veth15): Releasing active interface [ 766.722360][T20691] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 767.748472][T20702] netlink: 64 bytes leftover after parsing attributes in process `syz.0.5817'. [ 768.967451][T20722] lo speed is unknown, defaulting to 1000 [ 769.024420][T20722] bond0 speed is unknown, defaulting to 1000 [ 770.477719][T20712] syz.1.5819 (20712) used greatest stack depth: 16464 bytes left [ 771.762981][T20763] overlayfs: failed to clone upperpath [ 772.596465][T20771] device macsec0 entered promiscuous mode [ 772.628261][T20771] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5838'. [ 772.686787][T20771] device macsec0 left promiscuous mode [ 772.784060][ T26] audit: type=1800 audit(4147484167.290:6866): pid=20752 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.5831" name="bus" dev="ramfs" ino=73197 res=0 errno=0 [ 773.078098][ T1346] Process accounting resumed [ 773.352768][T20795] netlink: 'syz.3.5847': attribute type 4 has an invalid length. [ 775.907163][ T26] audit: type=1326 audit(4147484170.410:6867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20822 comm="syz.3.5854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8cbd364799 code=0x7ffc0000 [ 776.036501][ T26] audit: type=1326 audit(4147484170.440:6868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20822 comm="syz.3.5854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8cbd364799 code=0x7ffc0000 [ 776.116553][ T26] audit: type=1326 audit(4147484170.470:6869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20822 comm="syz.3.5854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f8cbd364799 code=0x7ffc0000 [ 776.143325][ T26] audit: type=1326 audit(4147484170.470:6870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20822 comm="syz.3.5854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8cbd364799 code=0x7ffc0000 [ 776.167865][ T26] audit: type=1326 audit(4147484170.470:6871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20822 comm="syz.3.5854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8cbd364799 code=0x7ffc0000 [ 776.192467][ T26] audit: type=1326 audit(4147484170.470:6872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20822 comm="syz.3.5854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f8cbd364799 code=0x7ffc0000 [ 776.218187][ T26] audit: type=1326 audit(4147484170.470:6873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20822 comm="syz.3.5854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8cbd364799 code=0x7ffc0000 [ 776.247534][ T26] audit: type=1326 audit(4147484170.470:6874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20822 comm="syz.3.5854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8cbd364799 code=0x7ffc0000 [ 776.277431][ T26] audit: type=1326 audit(4147484170.470:6875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20822 comm="syz.3.5854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f8cbd364799 code=0x7ffc0000 [ 776.530866][T20837] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5859'. [ 776.572056][T20837] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5859'. [ 776.615485][T20837] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5859'. [ 776.652065][T20837] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5859'. [ 778.144923][ T26] kauditd_printk_skb: 183 callbacks suppressed [ 778.145057][ T26] audit: type=1800 audit(4147484172.640:7059): pid=20831 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.5855" name="bus" dev="ramfs" ino=73275 res=0 errno=0 [ 781.640358][T20916] netlink: 'syz.4.5886': attribute type 1 has an invalid length. [ 781.662544][T20916] netlink: 146340 bytes leftover after parsing attributes in process `syz.4.5886'. [ 783.010331][T20937] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5896'. [ 783.371787][T20951] No such timeout policy "syz0" [ 784.892112][T20993] netlink: 14 bytes leftover after parsing attributes in process `syz.2.5913'. [ 789.330498][T21036] netlink: 16 bytes leftover after parsing attributes in process `syz.3.5932'. [ 791.230432][T21059] RDS: rds_bind could not find a transport for ::ffff:172.20.20.170, load rds_tcp or rds_rdma? [ 792.067738][T21103] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5943'. [ 798.716800][T21175] tipc: Failed to remove unknown binding: 66,0,0/1648496653:54029643/54029645 [ 798.820767][T21175] tipc: Failed to remove unknown binding: 66,0,0/1648496653:54029643/54029644 [ 798.856898][T21185] tipc: Failed to remove unknown binding: 66,0,0/1648496653:54029643/54029645 [ 799.877591][T21185] tipc: Failed to remove unknown binding: 66,0,0/1648496653:54029643/54029644 [ 800.538703][T21208] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5972'. [ 800.694404][T21208] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5972'. [ 804.612566][T21257] device bridge18 entered promiscuous mode [ 804.729347][T21257] team0: Port device bridge18 added [ 805.816767][T21273] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5994'. [ 809.050946][ T1422] ieee802154 phy0 wpan0: encryption failed: -22 [ 809.057348][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 816.062587][T21410] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6032'. [ 816.351143][T21412] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6031'. [ 816.757841][T21425] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 816.765534][T21425] IPv6: NLM_F_CREATE should be set when creating new route [ 817.098857][T21437] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6033'. [ 817.942713][T21437] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 817.951277][T21437] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 817.959597][T21437] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 817.968076][T21437] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 818.025341][T21442] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6037'. [ 819.249469][T21476] sctp: [Deprecated]: syz.2.6050 (pid 21476) Use of struct sctp_assoc_value in delayed_ack socket option. [ 819.249469][T21476] Use struct sctp_sack_info instead [ 819.305814][T21478] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 819.313152][T21478] IPv6: NLM_F_CREATE should be set when creating new route [ 819.339019][T21480] netlink: 24 bytes leftover after parsing attributes in process `syz.1.6051'. [ 822.140739][T20882] lo speed is unknown, defaulting to 1000 [ 822.149758][T21480] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6051'. [ 822.165209][T21480] device veth27 entered promiscuous mode [ 823.244412][T21523] trusted_key: encrypted_key: master key parameter 'šÙ|™{E' is invalid [ 830.115890][T21606] overlayfs: failed to clone upperpath [ 832.776288][T21624] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6090'. [ 833.849437][T21624] device hsr_slave_0 left promiscuous mode [ 833.936460][T21641] lo speed is unknown, defaulting to 1000 [ 833.965361][T21641] bond0 speed is unknown, defaulting to 1000 [ 834.338540][T21652] 9pnet: Insufficient options for proto=fd [ 838.829665][T21692] Invalid option length (57448) for dns_resolver key [ 839.370921][T21700] netlink: 24 bytes leftover after parsing attributes in process `syz.0.6112'. [ 844.900462][T21723] device macvtap0 entered promiscuous mode [ 844.946267][T21723] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6119'. [ 845.064276][T21723] device macvtap0 left promiscuous mode [ 847.973861][T21756] MPTCP: kernel_bind error, err=-99 [ 850.067813][T21794] overlayfs: failed to clone upperpath [ 850.828123][T21806] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6140'. [ 850.890742][T21806] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6140'. [ 850.902906][T21800] gretap0: refused to change device tx_queue_len [ 850.920200][T21800] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 853.042329][T21831] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 854.657316][T17871] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 854.788827][T17871] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 854.933814][ T4393] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 855.519662][T21870] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6161'. [ 856.897797][T21896] overlayfs: failed to clone upperpath [ 862.949340][T21934] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6179'. [ 863.802557][T21932] lo speed is unknown, defaulting to 1000 [ 863.991912][T21932] bond0 speed is unknown, defaulting to 1000 [ 864.520655][T21948] overlayfs: failed to clone upperpath [ 864.810279][T21959] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 864.810279][T21959] The task syz.3.6183 (21959) triggered the difference, watch for misbehavior. [ 870.383681][ T1422] ieee802154 phy0 wpan0: encryption failed: -22 [ 870.390979][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 874.492839][T22051] lo speed is unknown, defaulting to 1000 [ 876.560262][T22051] bond0 speed is unknown, defaulting to 1000 [ 877.673116][T22085] overlayfs: failed to clone upperpath [ 879.080520][T22120] netlink: zone id is out of range [ 879.138272][T22120] netlink: zone id is out of range [ 879.162644][T22120] netlink: zone id is out of range [ 879.185850][T22120] netlink: zone id is out of range [ 879.208257][T22120] netlink: zone id is out of range [ 879.232841][T22120] netlink: zone id is out of range [ 879.255099][T22120] netlink: zone id is out of range [ 879.276615][T22120] netlink: zone id is out of range [ 879.299044][T22120] netlink: zone id is out of range [ 879.322890][T22120] netlink: zone id is out of range [ 880.751486][T22140] lo speed is unknown, defaulting to 1000 [ 880.799927][T22140] bond0 speed is unknown, defaulting to 1000 [ 881.981217][T22156] overlayfs: failed to clone upperpath [ 882.628034][T22165] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6245'. [ 884.451129][T22185] IPv6: NLM_F_CREATE should be specified when creating new route [ 884.491504][T22187] tipc: Enabling of bearer rejected, failed to enable media [ 886.388637][T22219] 9pnet: p9_errstr2errno: server reported unknown error 0x000000000000 [ 887.351980][T22254] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 887.361054][T22254] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 887.370366][T22254] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 887.379917][T22254] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 887.396563][T22254] netdevsim netdevsim3 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 887.406714][T22254] netdevsim netdevsim3 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 887.416506][T22254] netdevsim netdevsim3 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 887.425923][T22254] netdevsim netdevsim3 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 890.595883][T22308] device ip6gre2 entered promiscuous mode [ 891.304384][T22310] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6289'. [ 896.561139][T22360] netlink: 20 bytes leftover after parsing attributes in process `syz.0.6303'. [ 900.731085][T22410] SET target dimension over the limit! [ 903.581961][T22443] device bond0 left promiscuous mode [ 903.644565][T22443] device bond7 left promiscuous mode [ 903.653914][T22443] device bridge9 left promiscuous mode [ 903.675237][T22443] device veth27 left promiscuous mode [ 903.805473][T22443] device ip6gre2 left promiscuous mode [ 905.361503][T22463] overlayfs: failed to clone upperpath [ 910.746467][T22542] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6360'. [ 912.294412][T22559] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6362'. [ 920.793441][T22655] ------------[ cut here ]------------ [ 920.799798][T22655] wlan0: Failed check-sdata-in-driver check, flags: 0x4 [ 920.830967][T22655] WARNING: CPU: 0 PID: 22655 at net/mac80211/driver-ops.h:172 ieee80211_bss_info_change_notify+0x37b/0x550 [ 920.932854][T22655] Modules linked in: [ 920.963444][T22655] CPU: 1 PID: 22655 Comm: syz.1.6392 Not tainted syzkaller #0 [ 921.132332][T22655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 921.343561][T22655] RIP: 0010:ieee80211_bss_info_change_notify+0x37b/0x550 [ 921.550492][T22655] Code: 39 7e f8 49 8b 84 24 00 06 00 00 49 81 c4 20 06 00 00 48 85 c0 4c 0f 45 e0 48 c7 c7 20 20 39 8b 4c 89 e6 89 ea e8 05 86 71 00 <0f> 0b e9 07 fd ff ff e8 a9 2d 39 f8 0f 0b e9 b1 fe ff ff e8 9d 2d [ 921.649774][T22655] RSP: 0000:ffffc90002eef3a0 EFLAGS: 00010246 [ 921.669567][T22655] RAX: 6ca27a577dc01800 RBX: 0000000002000000 RCX: 0000000000080000 [ 921.678392][T22655] RDX: ffffc90005869000 RSI: 0000000000003e6a RDI: 0000000000003e6b [ 921.693175][T22655] RBP: 0000000000000004 R08: ffff8880b9033d7f R09: 1ffff110172067af [ 921.704478][T22655] R10: dffffc0000000000 R11: ffffed10172067b0 R12: ffff88805ed5c000 [ 921.721193][T22655] R13: ffff88805ed5d290 R14: ffff88807e030e40 R15: ffff88805ed5e268 [ 921.729344][T22655] FS: 00007f1c8409a6c0(0000) GS:ffff8880b9000000(0000) knlGS:0000000000000000 [ 921.739128][T22655] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 921.745837][T22655] CR2: 0000555589d427d0 CR3: 0000000074236000 CR4: 00000000003506f0 [ 921.754252][T22655] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 921.762490][T22655] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 921.771492][T22655] Call Trace: [ 921.774935][T22655] [ 921.777974][T22655] ieee80211_set_mcast_rate+0x3b/0x50 [ 921.783729][T22655] ? ieee80211_leave_ibss+0x20/0x20 [ 921.789606][T22655] nl80211_set_mcast_rate+0x346/0x530 [ 921.795313][T22655] ? nl80211_nan_change_config+0x6b0/0x6b0 [ 921.801232][T22655] genl_rcv_msg+0xcea/0xf90 [ 921.805810][T22655] ? genl_bind+0x380/0x380 [ 921.810634][T22655] ? verify_lock_unused+0x140/0x140 [ 921.815896][T22655] ? verify_lock_unused+0x140/0x140 [ 921.821503][T22655] ? nl80211_nan_change_config+0x6b0/0x6b0 [ 921.827365][T22655] netlink_rcv_skb+0x1f5/0x440 [ 921.832691][T22655] ? genl_bind+0x380/0x380 [ 921.837267][T22655] ? netlink_ack+0xb50/0xb50 [ 921.842578][T22655] ? __lock_acquire+0x7d10/0x7d10 [ 921.847738][T22655] ? down_read+0x1aa/0x2e0 [ 921.852305][T22655] genl_rcv+0x24/0x40 [ 921.856335][T22655] netlink_unicast+0x774/0x920 [ 921.861405][T22655] netlink_sendmsg+0x8ba/0xbe0 [ 921.866267][T22655] ? netlink_getsockopt+0x570/0x570 [ 921.871694][T22655] ? aa_sock_msg_perm+0x94/0x150 [ 921.876786][T22655] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 921.882395][T22655] ? security_socket_sendmsg+0x7c/0xa0 [ 921.887903][T22655] ? netlink_getsockopt+0x570/0x570 [ 921.893439][T22655] ____sys_sendmsg+0x5b7/0x8f0 [ 921.898454][T22655] ? __sys_sendmsg_sock+0x30/0x30 [ 921.903600][T22655] ? import_iovec+0x6f/0xa0 [ 921.908359][T22655] ___sys_sendmsg+0x236/0x2e0 [ 921.913190][T22655] ? __sys_sendmsg+0x2a0/0x2a0 [ 921.918050][T22655] __se_sys_sendmsg+0x1af/0x290 [ 921.923334][T22655] ? __x64_sys_sendmsg+0x80/0x80 [ 921.928434][T22655] ? lockdep_hardirqs_on_prepare+0x409/0x770 [ 921.934686][T22655] ? lockdep_hardirqs_on+0x94/0x140 [ 921.940495][T22655] do_syscall_64+0x4c/0xa0 [ 921.945148][T22655] ? clear_bhb_loop+0x30/0x80 [ 921.949952][T22655] ? clear_bhb_loop+0x30/0x80 [ 921.954838][T22655] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 921.961076][T22655] RIP: 0033:0x7f1c85e40799 [ 921.965956][T22655] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 921.986511][T22655] RSP: 002b:00007f1c8409a028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 921.995312][T22655] RAX: ffffffffffffffda RBX: 00007f1c860b9fa0 RCX: 00007f1c85e40799 [ 922.003530][T22655] RDX: 000000000000c800 RSI: 00002000000007c0 RDI: 0000000000000005 [ 922.012030][T22655] RBP: 00007f1c85ed6c99 R08: 0000000000000000 R09: 0000000000000000 [ 922.020139][T22655] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 922.028162][T22655] R13: 00007f1c860ba038 R14: 00007f1c860b9fa0 R15: 00007ffd0fa130b8 [ 922.036450][T22655] [ 922.039620][T22655] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 922.046907][T22655] CPU: 0 PID: 22655 Comm: syz.1.6392 Not tainted syzkaller #0 [ 922.054377][T22655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 922.064665][T22655] Call Trace: [ 922.067987][T22655] [ 922.070951][T22655] dump_stack_lvl+0x188/0x250 [ 922.075912][T22655] ? show_regs_print_info+0x20/0x20 [ 922.081429][T22655] ? load_image+0x400/0x400 [ 922.085972][T22655] panic+0x2e5/0x810 [ 922.089913][T22655] ? bpf_jit_dump+0xd0/0xd0 [ 922.094522][T22655] ? ieee80211_bss_info_change_notify+0x37b/0x550 [ 922.101205][T22655] __warn+0x248/0x2b0 [ 922.105575][T22655] ? ieee80211_bss_info_change_notify+0x37b/0x550 [ 922.112154][T22655] report_bug+0x1b7/0x2e0 [ 922.116531][T22655] handle_bug+0x3a/0x70 [ 922.120815][T22655] exc_invalid_op+0x16/0x40 [ 922.125664][T22655] asm_exc_invalid_op+0x16/0x20 [ 922.130744][T22655] RIP: 0010:ieee80211_bss_info_change_notify+0x37b/0x550 [ 922.138002][T22655] Code: 39 7e f8 49 8b 84 24 00 06 00 00 49 81 c4 20 06 00 00 48 85 c0 4c 0f 45 e0 48 c7 c7 20 20 39 8b 4c 89 e6 89 ea e8 05 86 71 00 <0f> 0b e9 07 fd ff ff e8 a9 2d 39 f8 0f 0b e9 b1 fe ff ff e8 9d 2d [ 922.157810][T22655] RSP: 0000:ffffc90002eef3a0 EFLAGS: 00010246 [ 922.163924][T22655] RAX: 6ca27a577dc01800 RBX: 0000000002000000 RCX: 0000000000080000 [ 922.171948][T22655] RDX: ffffc90005869000 RSI: 0000000000003e6a RDI: 0000000000003e6b [ 922.180188][T22655] RBP: 0000000000000004 R08: ffff8880b9033d7f R09: 1ffff110172067af [ 922.188551][T22655] R10: dffffc0000000000 R11: ffffed10172067b0 R12: ffff88805ed5c000 [ 922.196756][T22655] R13: ffff88805ed5d290 R14: ffff88807e030e40 R15: ffff88805ed5e268 [ 922.204991][T22655] ieee80211_set_mcast_rate+0x3b/0x50 [ 922.210445][T22655] ? ieee80211_leave_ibss+0x20/0x20 [ 922.215900][T22655] nl80211_set_mcast_rate+0x346/0x530 [ 922.221390][T22655] ? nl80211_nan_change_config+0x6b0/0x6b0 [ 922.227403][T22655] genl_rcv_msg+0xcea/0xf90 [ 922.232139][T22655] ? genl_bind+0x380/0x380 [ 922.236787][T22655] ? verify_lock_unused+0x140/0x140 [ 922.242181][T22655] ? verify_lock_unused+0x140/0x140 [ 922.247461][T22655] ? nl80211_nan_change_config+0x6b0/0x6b0 [ 922.253501][T22655] netlink_rcv_skb+0x1f5/0x440 [ 922.258469][T22655] ? genl_bind+0x380/0x380 [ 922.262989][T22655] ? netlink_ack+0xb50/0xb50 [ 922.267806][T22655] ? __lock_acquire+0x7d10/0x7d10 [ 922.272976][T22655] ? down_read+0x1aa/0x2e0 [ 922.277901][T22655] genl_rcv+0x24/0x40 [ 922.281930][T22655] netlink_unicast+0x774/0x920 [ 922.287013][T22655] netlink_sendmsg+0x8ba/0xbe0 [ 922.291843][T22655] ? netlink_getsockopt+0x570/0x570 [ 922.297163][T22655] ? aa_sock_msg_perm+0x94/0x150 [ 922.302126][T22655] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 922.307483][T22655] ? security_socket_sendmsg+0x7c/0xa0 [ 922.313407][T22655] ? netlink_getsockopt+0x570/0x570 [ 922.318626][T22655] ____sys_sendmsg+0x5b7/0x8f0 [ 922.323592][T22655] ? __sys_sendmsg_sock+0x30/0x30 [ 922.328708][T22655] ? import_iovec+0x6f/0xa0 [ 922.333484][T22655] ___sys_sendmsg+0x236/0x2e0 [ 922.338358][T22655] ? __sys_sendmsg+0x2a0/0x2a0 [ 922.343204][T22655] __se_sys_sendmsg+0x1af/0x290 [ 922.348099][T22655] ? __x64_sys_sendmsg+0x80/0x80 [ 922.353052][T22655] ? lockdep_hardirqs_on_prepare+0x409/0x770 [ 922.359075][T22655] ? lockdep_hardirqs_on+0x94/0x140 [ 922.364350][T22655] do_syscall_64+0x4c/0xa0 [ 922.369031][T22655] ? clear_bhb_loop+0x30/0x80 [ 922.374009][T22655] ? clear_bhb_loop+0x30/0x80 [ 922.378814][T22655] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 922.385342][T22655] RIP: 0033:0x7f1c85e40799 [ 922.389938][T22655] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 922.410429][T22655] RSP: 002b:00007f1c8409a028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 922.418951][T22655] RAX: ffffffffffffffda RBX: 00007f1c860b9fa0 RCX: 00007f1c85e40799 [ 922.427408][T22655] RDX: 000000000000c800 RSI: 00002000000007c0 RDI: 0000000000000005 [ 922.435492][T22655] RBP: 00007f1c85ed6c99 R08: 0000000000000000 R09: 0000000000000000 [ 922.443850][T22655] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 922.452352][T22655] R13: 00007f1c860ba038 R14: 00007f1c860b9fa0 R15: 00007ffd0fa130b8 [ 922.460544][T22655] [ 922.464039][T22655] Kernel Offset: disabled [ 922.468786][T22655] Rebooting in 86400 seconds..